Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[RFC] simplify random #551

merged 3 commits into from
Oct 2, 2016

[RFC] simplify random #551

merged 3 commits into from
Oct 2, 2016


Copy link

@hannesm hannesm commented Jun 29, 2016

this is only the interface change -- after discussion I'll adapt the mirage tool to do the magic.

  • in contrast to common believe, there is no need for random to have blocking behaviour
  • helper functions which generate your favourite number representation here between bounds will be done in a helper library (no need to convolute the interface with it)
  • my current plan is to have two implementations: OCaml's Random and nocrypto's fortuna. if anywhere in your dependency chain you have nocrypto already, that one is used as default_random (the logic for this is already in the mirage tool). you can always explicitly pass the lagged-Fiobnacci PRNG (seeded with /dev/urandom or gettimeofday etc. -- fine for MirageOS on Unix, brittle on Xen (esp. on ARM where there is no wall clock)) to your modules instead of the default_random. Initialisation of any PRNG is done via its connect function (as atm for nocrypto, but not for Random).

@hannesm hannesm changed the title [RFC] simplify random device [RFC] simplify random Jun 29, 2016
Copy link

yomimono commented Jul 8, 2016

This seems like a reasonable change to me, including the implementation plan in your comment.

@yomimono yomimono added this to the mirage 3.0.0 milestone Sep 15, 2016
implementation thereof is provided by the mirage-stdlib-random package
Copy link
Member Author

hannesm commented Sep 30, 2016

The first parts are done in here:

I don't know of other users of the V1.RANDOM interface:

There are still some libraries (tcpip tests, ocaml-dns, ipaddr) which manually use Random.self_init () and thus the stdlib Random by default (some of which - such as ocaml-dns - are not inside of a mirage application). Comments on how to deal with that is welcome.

Also, maybe @Drup has some advice how to get "either nocrypto or stdlib random" bound, depending on whether the unikernel already depends on nocrypto (sth to fill in here: let direct_tcp ?(clock=default_monotonic_clock) ?(random=stdlib_random) ?(time=default_time) ip = tcp_direct_func () $ ip $ time $ clock $ random) -- there's still some (trivial) boilerplate missing for a nocrypto_random_conf, similar to stdlib_random_conf.

Copy link

avsm commented Sep 30, 2016

Should randomconv use ocaml-integers for the int16/etc types?

Copy link
Member Author

hannesm commented Sep 30, 2016

it predates ocaml-integers, and as mentioned in yallop/ocaml-integers#2 randomconv shouldn't need to depend on ocaml-integers.

Copy link

avsm commented Sep 30, 2016

Makes sense!

Copy link
Member Author

hannesm commented Sep 30, 2016

and there's 548ce90 the nocrypto rng for your pleasure....

Copy link

yallop commented Sep 30, 2016

randomconv shouldn't need to depend on ocaml-integers.

That's true if you're using standard types (int, int32, int64), or very small types (uint8, uint16), but it's not true in other cases (uint32, uint64, and platform-specific types).

Copy link
Member Author

hannesm commented Sep 30, 2016

(and before we start to functorize all the code, maybe we should realise that a sensible OS will always have a single RNG, a single TIME, a single PCLOCK, and a single MCLOCK -- and there's no need to functorize all the libraries over these resources -- see on how we'd get there)

Copy link
Member Author

hannesm commented Sep 30, 2016

@yallop this is the case, see

Copy link
Member Author

hannesm commented Oct 2, 2016

Travis is happy (in mirage-skeleton over here)

@yomimono yomimono merged commit d440fd6 into mirage:master Oct 2, 2016
@hannesm hannesm deleted the rondom branch October 2, 2016 13:37
hannesm added a commit to hannesm/opam-repository that referenced this pull request Oct 24, 2020
…es (3.9.0)


The Xen backend is a minimal legacy-free re-write: Solo5 (since 0.6.6) provides
the low-level glue code, and ocaml-freestanding provides the OCaml runtime. The
PV-only Mini-OS implementation has been retired.

The only supported virtualization mode is now Xen PVH (version 2 or above),
supported since Xen version 4.10 or later (and Qubes OS 4.0).

The support for the ARM32 architecture on Xen has been removed.

Security posture improvements:

With the move to a Solo5 and ocaml-freestanding base MirageOS gains several
notable improvements to security posture for unikernels on Xen:

* Stack smashing protection is enabled unconditionally for all C code.
* W^X is enforced throughout, i.e. `.text` is read-execute, `.rodata` is
  read-only, non-executable and `.data`, heap and stack are read-write and
* The memory allocator used by the OCaml runtime is now dlmalloc (provided by
  ocaml-freestanding), which is a big improvement over the Mini-OS malloc, and
  incorporates features such as heap canaries.

Interface changes:

* With the rewrite of the Xen core platform stack, several Xen-specific APIs
  have changed in incompatible ways; unikernels may need to be updated. Please
  refer to the mirage-xen v6.0.0 [change
  log]( for a list of
  interfaces that have changed along with their replacements.

Other changes:

* OCaml 4.08 is the minimum supported version.
* A dummy `dev-repo` field is emitted for the generated opam file.
* .xe files are no longer generated.
* Previous versions of MirageOS would strip boot parameters on Xen, since Qubes
  OS 3.x added arguments that could not be interpreted by our command line
  parser. Since Qubes OS 4.0 this is no longer an issue, and MirageOS no longer
  strips any boot parameters. You may need to execute
  `qvm-prefs qube-name kernelopts ''`.


* Thanks to Roger Pau Monné, Andrew Cooper and other core Xen developers for
  help with understanding the specifics of how PVHv2 works, and how to write an
  implementation from scratch.
* Thanks to Marek Marczykowski-Górecki for help with the Qubes OS specifics, and
  for forward-porting some missing parts of PVHv2 to Qubes OS version of Xen.
* Thanks to @palainp on Github for help with testing on Qubes OS.

### v3.8.1 (2020-09-22)

* OCaml runtime parameters (OCAMLPARAM) are exposed as boot and configure
  arguments. This allows e.g. to switch to the best-fit garbage collection
  strategy (mirage/mirage#1180 @hannesm)

### v3.8.0 (2020-06-22)

* Emit type=pv in xl (instead of builder=linux), as required by xen 4.10+ (mirage/mirage#1166 by @djs55)
* adapt to ipaddr 5.0.0, tcpip 5.0.0, mirage-crypto 0.8 (mirage/mirage#1172 @hannesm)

### v3.7.7 (2020-05-18)

* handle errors from Bos.OS.Cmd.run_out
* use PREFIX if defined (no need to call "opam config var prefix")
* adapt to conduit 2.2.0, tls 0.12, mirage-crypto 0.7.0 changes

### v3.7.6 (2020-03-18)

* fix conduit with 3.7.5 changes (mirage/mirage#1086, @hannesm)

### v3.7.5 (2020-03-15)

* use mirage-crypto (and mirage-crypto-entropy) instead of nocrypto, also
  tls-mirage and up-to-date conduit (mirage/mirage#1068, @hannesm)

### v3.7.4 (2019-12-20)

* use `git rev-parse --abbrev-ref HEAD` instead of `git branch --show-current`
  for emitting branch information into the opam file. The latter is only
  available in git 2.22 or later, while the former seems to be supported by
  old git releases. (mirage/mirage#1024, @hannesm)

### v3.7.3 (2019-12-17)

* `mirage configure` now emits build and install steps into generated opam file
  this allows to use `opam install .` to actually install a unikernel.
  (mirage/mirage#1022 @hannesm)
* refactor configure, build and link step into separate modules (mirage/mirage#1017 @dinosaure)

### v3.7.2 (2019-11-18)

* adjust fat-filesystem constraints to >= 0.14 && < 0.15 (mirage/mirage#1015, @hannesm)

### v3.7.1 (2019-11-03)

* clean opam files when `mirage configure` is executed (mirage/mirage#1013 @dinosaure)
* deprecate mirage-types and mirage-types-lwt (mirage/mirage#1006 @hannesm)
* remove abstraction over 'type 'a io' and 'buffer', remove mirage-*-lwt packages (mirage/mirage#1006 @hannesm)
* unify targets in respect to hooks (Mirage_runtime provides the hooks and registration)
* unify targets in respect to error handling (no toplevel try .. with installed anymore, mirage-unix does no longer ignore all errors)

### v3.7.0 (2019-11-01)

* mirage-runtime: provide at_enter_iter/at_exit_iter/at_exit hooks for the event loop (mirage/mirage#1010, @samoht @dinosaure @hannesm)
* call `exit 0` after the Lwt event loop returned (to run at_exit handlers in freestanding environments) (mirage/mirage#1011, @hannesm)
* NOTE: this release only contains the mirage-runtime opam package to unblock other releases, there'll be a 3.7.1 soon

### v3.6.0 (2019-10-02)

* solo5 0.6 support for multiple devices (mirage/mirage#993, by @mato)
  please read for detailed changes
  observable mirage changes:
  - new target `-t spt` for sandboxed processed tender (seccomp on Linux)
  - new functions Mirage_key.is_solo5 and Mirage_key.is_xen, analogue to Mirage_key.is_unix
* respect verbosity when calling `ocamlbuild` -- verbose if log level is info or debug (mirage/mirage#999, by @mato)

### v3.5.2 (2019-08-22)

* Adapt to conduit 2.0.0 release, including dns 4.0.0 (mirage/mirage#996, by @hannesm)
* Adjust mirage-xen constraints to < 5.0.0 (mirage/mirage#995, by @reynir)

### v3.5.1 (2019-07-11)

* Adapt to new tracing API (mirage/mirage#985, by @talex5)
* Remove stubs for qrexec and qubes gui (qubes 3 is end of life, qubes 4 makes it configurable) (mirage/mirage#984, by @linse & @yomimono)
* Update mirage-logs and charrua-client-mirage version constraints (mirage/mirage#982, by @hannesm)
* Remove unused dockerfile, travis updates (mirage/mirage#982 mirage/mirage#990, by @hannesm)

### v3.5.0 (2019-03-03)

* Rename Mirage_impl_kv_ro to Mirage_impl_kv, and introduce `rw` (mirage/mirage#975, by @hannesm)
* Adapt to mirage-kv 2.0.0 changes (mirage/mirage#975, by @hannesm)
* Adapt to mirage-protocols and mirag-net 2.0.0 changes (mirage/mirage#972, by @hannesm)
* mirage-types-lwt: remove unneeded io-page dependency (mirage/mirage#971, by @hannesm)
* Fix regression introduced in 3.4.0 that "-l *:debug" did no longer work (mirage/mirage#970, by @hannesm)
* Adjust various upper bounds (mirage-unix, cohttp-mirage, mirage-bootvar-xen) (mirage/mirage#967, by @hannesm)

### v3.4.1 (2019-02-05)

* Provide a httpaf_server device, and a cohttp_server device (mirage/mirage#955, by @anmonteiro)
* There can only be a single prng device in a unikernel, due to entropy
  harvesting setup (mirage/mirage#959, by @hannesm)
* Cleanup zarith-freestanding / gmp-freestanding dependencies (mirage/mirage#964, by @hannesm)
* ethernet is now a separate package (mirage/mirage#965, by @hannesm)
* arp now uses the mirage/arp repository by default, the tcpip.arpv4
  implementation was removed in tcpip 3.7.0 (mirage/mirage#965, by @hannesm)

### v3.4.0 (2019-01-11)

* use ipaddr 3.0 without s-expression dependency (mirage/mirage#956, by @hannesm)
* use mirage-clock 2.x and tcpip 3.6.x libraries (mirage/mirage#960, mirage/mirage#962, by @hannesm)
* default to socket stack on unix and macos (mirage/mirage#958, by @hannesm)
* use String.split_on_char in mirage-runtime to avoid astring dependency (mirage/mirage#957, by @hannesm)
* add build-dependency on mirage to each unikernel (mirage/mirage#953, by @hannesm)

### 3.3.1 (2018-11-21)

* fix regression: --yes was not passed to opam in 3.3.0 (mirage/mirage#950, by @hannesm)

### 3.3.0 (2018-11-18)

New target: (via solo5) Genode:
"Genode is a free and open-source operating system framework consisting
of a microkernel abstraction layer and a collection of userspace components. The
framework is notable as one of the few open-source operating systems not derived
from a proprietary OS, such as Unix. The characteristic design philosophy is
that a small trusted computing base is of primary concern in a security oriented
OS." (from wikipedia, more at mirage/mirage#942, by @ehmry)

User-visible changes
* use mirage-bootvar-unix instead of OS.Env.argv
  (deprecated since mirage-{xen,unix,os-shim}.3.1.0, mirage-solo5.0.5.0) on unix
  (mirage/mirage#931, by @hannesm)

  WARNING: this leads to a different semantics for argument passing on Unix:
  all arguments are concatenated (using a whitespace " " as separator), and
  split on the whitespace character again (by parse-argv). This is coherent
  with all other backends, but the whitespace in "--hello=foo bar" needs to
  be escaped now.

* mirage now generates upper bounds for hard-coded packages that are used in
  generated code. When we now break the API, unikernels which are configured with
  an earlier version won't accept the new release of the dependency. This means
  API breakage is much smoother for us, apart from that we now track version
  numbers in the mirage utility. The following rules were applied for upper bounds:
  - if version < 1.0.0 then ~min:"a.b.c" ~max:"a.(b+1).0"
  - if version > 1.0.0 then ~min:"a.b.c" ~max:"(a+1).0.0"`
  - exceptions: tcpip (~min:"3.5.0" ~max:"3.6.0"), mirage-block-ramdisk (unconstrained)

  WARNING: Please be careful when release any of the referenced libraries by
  taking care of appropriate version numbering.
  (initial version in mirage/mirage#855 by @avsm, final mirage/mirage#946 by @hannesm)

* since functoria.2.2.2, the "package" function (used in unikernel configuration)
  is extended with the labeled argument ~pin that receives a string (e.g.
  ~pin:"git+"), and is embedded
  into the generated opam file as [pin-depends](

* mirage-random-stdlib is now used for default_random instead of mirage-random
  (which since 1.2.0 no longer bundles the stdlib Random
  module). mirage-random-stdlib is not cryptographically secure, but "a
  lagged-Fibonacci F(55, 24, +) with a modified addition function to enhance the
  mixing of bits.", which is now seeded using mirage-entropy. If you configure
  your unikernel with "mirage configure --prng fortuna" (since mirage 3.0.0), a
  cryptographically secure PRNG will be used (

* mirage now revived its command-line "--no-depext", which removes the call to
  "opam depext" in the depend and depends target of the generated Makefile
  (mirage/mirage#948, by @hannesm)

* make depend no longer uses opam pin for opam install --deps-only (mirage/mirage#948, by @hannesm)

* remove unused io_page configuration (initial discussion in mirage/mirage#855, mirage/mirage#940, by @hannesm)

* charrua-client requires a Mirage_random interface since 0.11.0 (mirage/mirage#938, by @hannesm)

* split implementations into separate modules (mirage/mirage#933, by @emillon)

* improved opam2 support (declare ocaml as dependency mirage/mirage#926)

* switch build system to dune (mirage/mirage#927, by @emillon)

* block device writes has been fixed in mirage-solo5.0.5.0

### 3.2.0 (2018-09-23)

* adapt to solo5 0.4.0 changes (mirage/mirage#924, by @mato)
Upgrading from Mirage 3.1.x or earlier

Due to conflicting packages, opam will not upgrade mirage to version 3.2.0 or newer if a version of mirage-solo5 older than 0.4.0 is installed in the switch. To perform the upgrade you must run `opam upgrade mirage` explicitly.

Changes required to rebuild and run ukvm unikernels

As of Solo5 0.4.0, the ukvm target has been renamed to hvt. If you are working out of an existing, dirty, source tree, you should initially run:

mirage configure -t hvt
mirage clean
mirage configure -t hvt

and then proceed as normal. If you are working with a clean source tree, then simply configuring with the new hvt target is sufficient:

`mirage configure -t hvt`

Note that the build products have changed:

The unikernel binary is now named `<unikernel>.hvt`,
the `ukvm-bin` binary is now named `solo5-hvt`.

* adapt to mirage-protocols, mirage-stack, tcpip changes (mirage/mirage#920, by @hannesm)

This is a breaking change: mirage 3.2.0 requires mirage-protocols 1.4.0, mirage-stack 1.3.0, and tcpip 3.5.0 to work (charru-client-mirage 0.10 and mirage-qubes-ipv4 0.6 are adapted to the changes).  An older mirage won't be able to use these new libraries correctly.  Conflicts were introduced in the opam-repository.

In more detail,  direct and socket stack initialisation changed, which is automatically generated by the mirage tool for each unikernel (as part of ``).  A record was built up, which is no longer needed.

Several unneeded type aliases were removed:
  `netif` from Mirage_protocols.ETHIF
  `ethif` and `prefix` from Mirage_protocols.IP
  `ip` from Mirage_protocols.{UDP,TCP}
  `netif` and `'netif config` from Mirage_stack.V4
  `'netif stackv4_config` and `socket_stack_config` in Mirage_stack

* squash unnecessary warning from `mirage build` (mirage/mirage#916, by @mato)

### 3.1.1 (2018-08-01)

* for the unix target, add `-tags thread`, as done for the mac osx target (mirage/mirage#861,
  suggested by @cfcs)
* bump minimum mirage-solo5* and solo5-kernel* to 0.3.0 (mirage/mirage#914, by @hannesm, as
  suggested by @mato)
* use the exposed signature in functoria for Key modules (mirage/mirage#912, by @Drup)
* add ?group param to all generic devices (mirage/mirage#913, by @samoht)

### 3.1.0 (2018-06-20)

* solo5 v0.3.0 support (mirage/mirage#906, by @mato @Kensan @hannesm):
  The major new user-visible features for the Solo5 backends are:
    ukvm: Now runs natively on FreeBSD vmm and OpenBSD vmm.
    ukvm: ARM64 support.
    muen: New target, for the Muen Separation Kernel.
    ukvm: Improved and documented support for debugging Solo5-based unikernels.
* generate libvirt.xml for virtio target (mirage/mirage#903, by @bramford)
* don't make xen config documents for target qubes (mirage/mirage#895, by @yomimono)
* use a path pin when making depends (mirage/mirage#891, by @yomimono)
* move block registration to `configure` section (mirage/mirage#892, by @yomimono)
* allow to directly specifying xenstore ids (mirage/mirage#879, by @yomimono)

### 3.0.8 (2017-12-19)

* when passing block devices to `xen`, pass the raw filename rather than trying to infer the xenstore ID (mirage/mirage#874, by @yomimono)
* make homepage in opam files consistent (mirage/mirage#872, by @djs55)

### 3.0.7 (2017-11-24)

* the released version of `cohttp-mirage` is `1.0.0` (not `3.0.0`)
  (mirage/mirage#870 by @hannesm)

### 3.0.6 (2017-11-16)

* remove macOS < yosemite support (mirage/mirage#860 by @hannesm)
* rename `mirage-http` to `cohttp-mirage` (mirage/mirage#863 by @djs55)
  See [mirage/ocaml-cohttp#572]
* opam: require OCaml 4.04.2+ (mirage/mirage#867 by @hannesm)

### 3.0.5 (2017-08-08)

* Allow runtime configuration of syslog via config keys `--syslog`,
  `--syslog-port` and `--syslog-hostname` (mirage/mirage#853 via @hannesm).
* Switch build of tool and libraries to Jbuilder (by @samoht)
* Fix a warning when connecting to a ramdisk device (mirage/mirage#837 by @g2p)
* Fix reference to tar library when using `--kv-ro archive` (mirage/mirage#848 by @mor1)
* Adapt to latest functoria API (mirage/mirage#849 by @samoht)

* Add a `--gdb` argument for ukvm targets so that debuggers can be attached easily.
  This allows `mirage configure --gdb -t ukvm` to work (@ricarkol in mirage/mirage#847).

* Adapt to latest functoria (mirage/mirage#849 by @samoht)
* Adapt to latest charrua, tcpip (mirage/mirage#854 by @yomimono)
* Switch to jbuilder (mirage/mirage#850 by @samoht)

Packaging updates for latest opam repository:
* ARP is compatible with MirageOS3 since 0.2.0 (mirage/mirage#851 by @hannesm)

### 3.0.4 (2017-06-15)
* add a --block configure flag for picking ramdisk or file-backed disk
* add lower bounds on packages
* fallback to system `$PKG_CONFIG_PATH`
* update for mirage-qubes-ipv4

### 3.0.2 (2017-03-15)

* restore ocamlbuild colors when `TERM <> dumb && Unix.isatty stdout` (mirage/mirage#814, by @hannesm)

### 3.0.1 (2017-03-14)

* remove "-color always" from ocamlbuild invocation (bugfix for some scripts interpreting build output) (mirage/mirage#811, by @hannesm)
* provide a "random" module argument when invoking IPv6.Make (compat with tcpip 3.1.0) (mirage/mirage#801, by @hannesm)
* add a "depends" target to the generated Makefile (controversial and may be removed) (mirage/mirage#805, by @yomimono)
* allow qubesdb to be requested in when the target is xen (mirage/mirage#807, by @talex5)

### 3.0.0 (2017-02-23)

* rename module types modules: V1 -> Mirage_types, V1_LWT -> Mirage_types_lwt (mirage/mirage#766, by @yomimono, @samoht, and @hannesm)
* split type signatures and error printers into separate libraries (mirage/mirage#755, mirage/mirage#753, mirage/mirage#752, mirage/mirage#751, mirage/mirage#764, and several others, by @samoht and @yomimono)
* use mirage-fs instead of ocaml-fat to transform FS into KV_RO (mirage/mirage#756, by @samoht)
* changes to simplify choosing an alternate ARP implementation (mirage/mirage#750, by @hannesm)
* add configurators for syslog reporter (mirage/mirage#749, by @hannesm)
* filter incoming boot-time arguments for all Xen backends, not just QubesOS (mirage/mirage#746, by @yomimono)
* give mirage-types-lwt its own library, instead of a mirage-types sublibrary called lwt (mirage/mirage#735, by @hannesm)
* remove `format` function and `Format_unknown` error from FS module type (mirage/mirage#733, by @djs55)
* ocamlify FAT name (mirage/mirage#723 by @yomimono)
* remove type `error` from DEVICE module type (mirage/mirage#728, by @hannesm)
* UDP requires random for source port randomization (mirage/mirage#726 by @hannesm)
* drop "mir-" prefix from generated binaries (mirage/mirage#725 by @hannesm)
* BLOCK and FS uses result types (mirage/mirage#705 by @yomimono)
* depext fixes (mirage/mirage#718 by @mato)
* workflow changes: separate configure, depend, build phases, generate opam file during configure (mirage/mirage#703, mirage/mirage#711 by @hannesm)
* tap0 is now default_network (mirage/mirage#715, mirage/mirage#719 by @yomimono, @mato)
* ARP uses result types (mirage/mirage#711 by @yomimono)
* ipv4 key (instead of separate ip and netmask) (mirage/mirage#707, mirage/mirage#709 by @yomimono)
* CHANNEL uses result types (mirage/mirage#702 by @avsm)
* no custom, was needed for OCaml 4.00 (mirage/mirage#693 by @hannesm)
* revert custom ld via pkg-config (mirage/mirage#692 by @hannesm)
* result types for FLOW and other network components (mirage/mirage#690 by @yomimono)
* removed `is_xen` key (mirage/mirage#682, by @hannesm)
* mirage-clock-xen is now mirage-clock-freestanding (mirage/mirage#684, by @mato)
* mirage-runtime is a separate opam package providing common functionality (mirage/mirage#681, mirage/mirage#615 by @hannesm)
* add `qubes` target for making Xen unikernels which boot & configure themselves correctly on QubesOS. (mirage/mirage#553, by @yomimono)
* revised V1.CONSOLE interface: removed log, renamed log_s to log (mirage/mirage#667, by @hannesm)
* remove Str module from OCaml runtime (mirage/mirage#663, in ocaml-freestanding and mirage-xen-ocaml, by @hannesm)
* new configuration time keyword: prng to select the default prng (mirage/mirage#611, by @hannesm)
* fail early if tracing is attempted with Solo5 (mirage/mirage#657, by @yomimono)
* refactor ipv4, stackv4, and dhcp handling (mirage/mirage#643, by @yomimono)
* create xen-related helper files only when the target is xen (mirage/mirage#639, by @hannesm)
* improvements to nocrypto handling (mirage/mirage#636, by @pqwy)
* disable warning mirage/mirage#42 in generated code for unikernels (mirage/mirage#633, by @hannesm)
* V1.NETWORK functions return a Result.t rather than polyvars indicating success or errors (mirage/mirage#615, by @hannesm)
* remove GNUisms and unnecessary artifacts from build (mirage/mirage#623, mirage/mirage#627, by @mato and @hannesm)
* remove type `id` from `DEVICE` module type. (mirage/mirage#612, by @yomimono and @talex5)
* revise the RANDOM signature to provide n random bytes; provide nocrypto_random and stdlib_random (mirage/mirage#551 and mirage/mirage#610, by @hannesm)
* expose `direct` as an option for `kv_ro`.  (mirage/mirage#607, by @mor1)
* require a `mem` function in KV_RO, and add `Failure` error variant (mirage/mirage#606, by @yomimono)
* `connect` functions are no longer expected to return polyvars, but rather to raise exceptions if `connect` fails and return the value directly. (mirage/mirage#602, by @hannesm)
* new documentation using `odig` (mirage/mirage#591, mirage/mirage#593, mirage/mirage#594, mirage/mirage#597, mirage/mirage#598, mirage/mirage#599, mirage/mirage#600, and more, by @avsm)
* change build system to `topkg` from `oasis`. (mirage/mirage#558, mirage/mirage#590, mirage/mirage#654, mirage/mirage#673, by @avsm, @samoht, @hannesm, @dbuenzli)
* express io-page dependency of crunch. (mirage/mirage#585, by @yomimono and @mato)
* deprecate the CLOCK module type in favor of PCLOCK (POSIX clock) and
  MCLOCK (a monotonically increasing counter of elapsed nanoseconds).
  (mirage/mirage#548 and mirage/mirage#579, by @mattgray and @yomimono)
* emit an ocamlfind predicate that matches the target, reducing the
  amount of duplication by target required of library authors
  (mirage/mirage#568, by @pqwy)
* implement an `is_unix` key (mirage/mirage#575, by @mato)
* use an int64 representing nanoseconds as the argument for `TIME.sleep`,
  instead of a float representing seconds. (mirage/mirage#547, by @hannesm)
* expose new targets `virtio` and `ukvm` via the `solo5` project. (mirage/mirage#565,
  by @djwillia, @mato, and @hannesm).
* remove users of `base_context`, which includes command-line arguments `--unix`
  and `--xen`, and `` functions `add_to_ocamlfind_libraries` and
  `add_to_opam_packages`.  As a side effect, fix a long-standing error message
  bug when invoking `mirage` against a `` that does not build.
  (mirage/mirage#560, by @yomimono)
* link `libgcc.a` only on ARM & other build improvements (mirage/mirage#544, by @hannesm)
* allow users to use `crunch` on unix with `kv_ro`; clean up crunch .mlis on
  clean (mirage/mirage#556, by @yomimono)
* remove console arguments to network functors (mirage/mirage#554, by @talex5 and @yomimono)
* standardize ip source and destination argument names as `src` and `dst`, and
  source and destination ports as `src_port` and `dst_port` (mirage/mirage#546, by @yomimono)
* a large number of documentation improvements (mirage/mirage#549, by @djs55)
* require `pseudoheader` function for IP module types. (mirage/mirage#541, by @yomimono)
* always build with `ocamlbuild -r`, to avoid repetitive failure message
  (mirage/mirage#537, by @talex5)

### 2.9.1 (2016-07-20)

* Warn users of command-line arguments `--unix` and `--xen` that support for
  these will soon be dropped.  Instead, use `-t unix` and `-t xen` respectively.
  (see mirage/mirage-www#475 (comment))
  (mirage/mirage#561, by @yomimono)
* Warn users of functions `add_to_opam_packages p` and
  `add_to_ocamlfind_libraries l` that support for these will soon be dropped.
  Instead, use `register ~libraries:l` and `register:~packages:p`
  respectively. (mirage/mirage#561, by @yomimono).

### 2.9.0 (2016-04-29)

* Add logging support. A new `reporter` parameter to `register` is now
  available. This parameter defines how to configure the log reporter,
  using `Logs` and `Mirage_logs`. Log reporters can also be configured
  at configuration AND runtime using on the new `-l` or `--logs`
  command-line argument.  (mirage/mirage#534, by @samoht, @talex5 and @Drup)
* Allow to disable command-line parsing at runtime. There is a new
  `argv` parameter to the `register` function to allow to pass custom
  command-line argument parsing devices.  Use `register ~argv:no_argv`
  to disable command-line argument parsing. (mirage/mirage#493, by @samoht and @Drup)

### 2.8.0 (2016-04-04)

* Define an ICMP and ICMPV4 module type. ICMPV4 is included in, and
  surfaced by, the STACKV4 module type. The previous default behavior
  of the IPv4 module with respect to ICMP is preserved by STACKV4 and
  the tcpip_stack_direct function provided by mirage. (mirage/mirage#523, by
* Explicitly require OCaml compiler version 4.02.3 in opam files for
  mirage-types and mirage.

### 2.7.3 (2016-03-20)

* Fix another regression introduced in 2.7.1 which enable
  `-warn-error` by default. This is now controlled by a
  `--warn-error` flag on `mirage configure`. Currently it's
  default value is [false] but this might change in future
  versions (mirage/mirage#520)

### 2.7.2 (2016-03-20)

* Fix regression introduced in 2.7.1 which truncates the ouput of
  `opam install` and breaks `opam depext` (mirage/mirage#519, by @samoht)

### 2.7.1 (2016-03-17)

* Improve the Dockerfile (mirage/mirage#507, by @avsm)
* Use Astring (by @samoht)
* Clean-up dependencies automatically added by the tool
  - do not require `lwt.syntax`, `cstruct.syntax` and `sexplib`, which
    should make the default unikernels camlp4-free (mirage/mirage#510, mirage/mirage#515 by @samoht)
  - always require `mirage-platform` (mirage/mirage#512, by @talex5)
  - ensure that `mirage-types` and `mirage-types-lwt` are installed
* Turn on more warnings and enable "warning as errors".
* Check that the OCaml compiler is at least 4.02.3 (by @samoht)

### 2.7.0 (2016-02-17)

The mirage tool is now based on functoria. (mirage/mirage#441 mirage/mirage#450, by @Drup @samoht)
See for full details.

* Command line interface: The config file must be passed with the -f option
  (instead of being just an argument).
* Two new generic combinators are available, generic_stack and generic_kv_ro.
* `get_mode` is deprecated. You should use keys instead. And in particular
  `` and `Key.is_xen`.
* `add_to_ocamlfind_libraries` and `add_to_opam_packages` are deprecated. Both
  the `foreign` and the `register` functions now accept the `~libraries` and
  `~packages` arguments to specify library dependencies.

* If you were using `tls` without the conduit combinator, you will be
  greeted during configuration by a message like this:
The "nocrypto" library is loaded but entropy is not enabled!
Please enable the entropy by adding a dependency to the nocrypto device.
You can do so by adding ~deps:[abstract nocrypto] to the arguments of Mirage.foreign.
  Data dependencies (such as entropy initialization) are now explicit.
  In order to fix this, you need to declare the dependency like so:
open Mirage

let my_functor =
  let deps = [abstract nocrypto] in
  foreign ~deps "My_Functor" (foo @-> bar)
  `My_functor.start` will now take an extra argument for each
  dependencies. In the case of nocrypto, this is `()`.

* Remove `` from the scripts directory, to be available
  as an external script.

### 2.6.1 (2015-09-08)

* Xen: improve the .xl file generation. We now have
  - `name.xl`: this has sensible defaults for everything including the
    network bridges and should "just work" if used on the build box
  - ``: this has all the settings needed to boot (e.g. presence of
    block and network devices) but all the environmental dependencies are
    represented by easily-substitutable variables. This file is intended for
    production use: simply replace the variables for the paths, bridges, memory
    sizes etc. and run `xl create` as before.

### 2.6.0 (2015-07-28)

* Better ARP support. This needs `mirage-tcpip.2.6.0` (mirage/mirage#419, by @yomimono)
  - [mirage-types] Remove `V1.IPV4.input_arp`
  - [mirage-types] Expose `V1.ARP` and `V1_LWT.ARP`
  - Expose a `Mirage.arp` combinator
* Provide noop configuration for default_time (mirage/mirage#435, by @yomimono)
* Add `Mirage.archive` and `Mirage.archive_of_files` to support attaching files
  via a read-only tar-formatted BLOCK (mirage/mirage#432, by @djs55)
* Add a .merlin file (mirage/mirage#428, by @Drup)

### 2.5.1 (2015-07-17)

* [mirage-types] Expose `V1_LWT.FS.page_aligned_buffer = Cstruct.t`

### 2.5.0 (2015-06-10)

* Change the type of the `Mirage.http_server` combinator. The first argument
  (the conduit server configuration) is removed and should now be provided
  at compile-time in `` instead of configuration-time in

(* [] *)
(* in 2.4 *) let http = http_server (`TCP (`Port 80)) conduit
(* in 2.5 *) let http = http_server conduit

(* [] *)
let start http =
(* in 2.4 *) http (S.make ~conn_closed ~callback ())
(* in 2.5 *) http (`TCP 80) (S.make ~conn_closed ~callback ())

* Change the type of the `Mirage.conduit_direct` combinator.
  Previously, it took an optional `vchan` implementation, an optional
  `tls` immplementation and an optional `stackv4` implemenation. Now,
  it simply takes a `stackv4` implementation and a boolean to enable
  or disable the `tls` stack. Users who want to continue to use
  `vchan` with `conduit` should now use the `Vchan` functors inside
  `` instead of the combinators in ``. To
  enable the TLS stack:

(* [] *)
let conduit = conduit_direct ~tls:true (stack default_console)

(* [] *)
module Main (C: Conduit_mirage.S): struct
  let start conduit =
    C.listen conduit (`TLS (tls_config, `TCP 443)) callback

* [types] Remove `V1.ENTROPY` and `V1_LWT.ENTROPY`. The entropy is now
  handled directly by `nocrypto.0.4.0` and the mirage-tool is only responsible to
  call the `Nocrypto_entropy_{mode}.initialize` function.

* Remove `Mirage.vchan`, `Mirage.vchan_localhost`, `Mirage.vchan_xen` and
  `Mirage.vchan_default`. Vchan users need to adapt their code to directly
  use the `Vchan` functors instead of relying on the combinators.
* Remove `Mirage.conduit_client` and `Mirage.conduit_server` types.
* Fix misleading "Compiling for target" messages in `mirage build`
  (mirage/mirage#408 by @lnmx)
* Add `--no-depext` to disable the automatic installation of opam depexts (mirage/mirage#402)
* Support `@name/file` findlib's extended name syntax in `xen_linkopts` fields.
  `@name` is expanded to `%{lib}%/name`
* Modernize the Travis CI scripts

### 2.4.0 (2015-05-05)

* Support `mirage-http.2.2.0`
* Support `conduit.0.8.0`
* Support `tcpip.2.4.0`
* Add time and clock parameters to IPv4 (mirage/mirage#362, patch from @yomimono)
* Support for `ocaml-tls` 0.4.0.
* Conduit now takes an optional TLS argument, allowing servers to support
  encryption. (mirage/mirage#347)
* Add the ability to specify `Makefile.user` to extend the generated
  `Makefile`. Also `all`, `build` and `clean` are now extensible make
* Remove the `mirage run` command (mirage/mirage#379)
* Call `opam depext` when configuring (mirage/mirage#373)
* Add opam files for `mirage` and `mirage-types` packages
* Fix `mirage --version` (mirage/mirage#374)
* Add a `update-doc` target to the Makefile to easily update the online
  documentation at

### 2.3.0 (2015-03-10)

* Remove the `IO_PAGE` module type from `V1`. This has now moved into the
  `io-page` pacakge (mirage/mirage#356)
* Remove `DEVICE.connect` from the `V1` module types.  When a module is
  functorised over a `DEVICE` it should only have the ability to
  *use* devices it is given, not to connect to new ones. (mirage/mirage#150)
* Add `FLOW.error_message` to the `V1` module types to allow for
  generic handling of errors. (mirage/mirage#346)
* Add `IP.uipaddr` as a universal IP address type. (mirage/mirage#361)
* Support the `entropy` version 0.2+ interfaces. (mirage/mirage#359)
* Check that the `opam` command is at least version 1.2.0 (mirage/mirage#355)
* Don't put '-classic-display' in the generated Makefiles. (mirage/mirage#364)

### 2.2.1 (2015-01-29)

* Fix logging errors when `mirage` output is not redirected. (mirage/mirage#355)
* Do not reverse the order of C libraries when linking.  This fixes Zarith
  linking in Xen mode. (mirage/mirage#341).
* Fix typos in command line help. (mirage/mirage#352).

### 2.2.0 (2014-12-18)

* Add IPv6 support. This alters some of the interfaces that were previously
  hardcoded to IPv4 by generalising them.  For example:

type v4
type v6

type 'a ip
type ipv4 = v4 ip
type ipv6 = v6 ip

Full support for configuring IPv6 does not exist yet, as this release is
intended for getting the type definitions in place before adding configuration

### 2.1.1 (2014-12-10)

* Do not reuse the Unix linker options when building Xen unikernels.  Instead,
  get the linker options from the ocamlfind `xen_linkopts` variables (mirage/mirage#332).
  See `tcpip.2.1.0` for a library that does this for a C binding.
* Only activate MacOS X compilation by default on 10.10 (Yosemite) or higher.
  Older revisions of MacOS X will use the generic Unix mode by default, since
  the `vmnet` framework requires Yosemite or higher.
* Do not run crunched filesystem modules through `camlp4`, which significantly
  speeds up compilation on ARM platforms (from minutes to seconds!) (mirage/mirage#299).

### 2.1.0 (2014-12-07)

* Add specific support for `MacOSX` as a platform, which enables network bridging
  on Yosemite (mirage/mirage#329).  The `--unix` flag will automatically activate the new target
  if run on a MacOS X host.  If this breaks for you due to being on an older version of
  MacOS X, then use the new `--target` flag to set either Unix, MacOSX or Xen to the
  `mirage configure` command.
* Add `mirage.runtime` findlib library and corresponding Mirage_runtime module (mirage/mirage#327).
* If net driver in STACKV4_direct can't initialize, print a helpful error (mirage/mirage#164).
* [xen]: fixed link order in generated Makefile (mirage/mirage#322).
* Make `Lwt.tracing` instructions work for Fish shell too by improving quoting (mirage/mirage#328).

### 2.0.1 (2014-11-21)

* Add `register ~tracing` to enable tracing with mirage-profile at start-up (mirage/mirage#321).
* Update Dockerfile for latest libraries (mirage/mirage#320).
* Only build mirage-types if Io_page is also installed (mirage/mirage#324).

### 2.0.0 (2014-11-05)

* [types]: backwards incompatible change: CONSOLE is now a FLOW;
  'write' has a different signature and 'write_all' has been removed.
* Set on_crash = 'preserve' in default Xen config.
* Automatically install dependencies again, but display the live output to the
* Include C stub libraries in linker command when generating Makefiles for Xen.
* Add `Vchan`, `Conduit` and `Resolver` code generators.
* Generate a `*.xe` script which can upload a kernel to a XenServer.
* Generate a libvirt `*.xml` configuration file (mirage/mirage#292).
* Fix determination of `mirage-xen` location for paths with spaces (mirage/mirage#279).
* Correctly show config file locations when using a custom one.
* Fix generation of foreign (non-functor) modules (mirage/mirage#293)

### 1.2.0 (2014-07-05)

The Mirage frontend tool now generates a Makefile with a `make depend`
target, instead of directly invoking OPAM as part of `mirage configure`.
This greatly improves usability on slow platforms such as ARM, since the
output of OPAM as it builds can be inspected more easily.  Users will now
need to run `make depend` to ensure they have the latest package set,
before building their unikernel with `make` as normal.

* Improve format of generated Makefile, and also colours in terminal output.
* Add `make depend` target to generated Makefile.
* Set `OPAMVERBOSE` and `OPAMYES` in the Makefile, which can be overridden.
* Add an `ENTROPY` device type for strong random sources (mirage/mirage#256).

### 1.1.3 (2014-06-15)

* Build OPAM packages in verbose mode by default.
* [types] Add `FLOW` based on `TCPV4`.
* travis: build mirage-types from here, rather than 1.1.0.

### 1.1.2 (2014-04-01)

* Improvement to the Amazon EC2 deployment script.
* [types] Augment STACKV4 with an IPV4 module in addition to TCPV4 and UDPV4.
* Regenerate with OASIS 0.4.4 (which adds natdynlink support)

### 1.1.1 (2014-02-21)

* Man page fixes for typos and terminology (mirage/mirage#220).
* Activate backtrace recording by default (mirage/mirage#225).
* Fixes in the `V1.STACKV4` to expose UDPv4/TCPv4 types properly (mirage/mirage#226).

### 1.1.0 (2014-02-05)

* Add a combinator interface to device binding that makes the functor generation
  significantly more succinct and expressive.  This breaks backwards compatibility
  with `` files from the 1.0.x branches.
* Integrate the `mirage-types` code into `types`.  This is built as a separate
  library from the command-line tool, via the `install-types` Makefile target.

### 1.0.4 (2014-01-14)

* Add default build tags for annot, bin_annot, principal and strict_sequence.
* Renane `KV_RO` to `Crunch`

### 1.0.3 (2013-12-18)

* Do not remove OPAM packages when doing `mirage clean` (mirage/mirage#143)
* [xen] generate a simple main.xl, without block devices or network interfaces.
* The HTTP dependency now also installs `mirage-tcp-*` and `mirage-http-*`.
* Fix generated Makefile dependency on source OCaml files to rebuild reliably.
* Support `Fat_KV_RO` (a read-only k/v version of the FAT filesystem).
* The Unix `KV_RO` now passes through to the underlying filesystem instead of calling `crunch`, via `mirage-fs-unix`.

### 1.0.2 (2013-12-10)

* Add `HTTP` support.
* Fix `KV_RO` configuration for OPAM autoinstall.

### 1.0.1 (2013-12-09)

* Add more examples to the FAT filesystem test case.
* Fix `mirage-tcpip-*` support
* Fix `mirage-net-*` support

### 1.0.0 (2013-12-09)

* Adapt the latest library releases for Mirage 1.0 interfaces.

### 0.10.0 (2013-12.08)

* Complete API rewrite
* [xen] XL configuration phase is now created during configure phase, was during run phase.

### 0.9.7 (2013-08-09)

* Generate code that uses the `Ipaddr.V4` interface instead of `Nettypes`.

### 0.9.6 (2013-07-26)

* fix unix-direct by linking the unix package correctly (previously it was always dropped).

### 0.9.5 (2013-07-18)

* completely remove the dependency on obuild: use ocamlbuild everywhere now.
* adapt for mirage-0.9.3 OS.Netif interfaces (abstract type `id`).
* do not output network config when there are no `ip-*` lines in the `.conf` file.
* do not try to install `mirage-fs` if there is no filesystem to create.
* added `` to setup xenbr0 with DNS, DHCP and masqerading under Linux.

### 0.9.4 (2013-07-09)

* build using ocamlbuild rather than depending on obuild.
* [xen] generate a symbol that can be used to produce stack traces with xenctx.
* mirari run --socket just runs the unikernel without any tuntap work.
* mirari run --xen creates a xl config file and runs `xl create -c unikernel.xl`.

### 0.9.3 (2013-06-12)

* Add a `--socket` flag to activate socket-based networking (UNIX only).
* Do not use OPAM compiler switches any more, as that's done in the packaging now.
* Use fd-passing in the UNIX backend to spawn a process.

### 0.9.2 (2013-03-28)

* Install `obuild` automatically in all compiler switches (such as Xen).
* Only create symlinks to `mir-foo` for a non-Xen target.
* Add a `mirari clean` command.
* Add the autoswitch feature via `mirari --switch=<compiler>` or the config file.

### 0.9.1 (2013-02-13)

* Fix Xen symlink upon build.
* Add a `--no-install` option to `mirari configure` to prevent invoking OPAM automatically.

### 0.9.0 (2013-02-12)

* Automatically install `mirage-fs` package if a filesystem crunch is requested.
* Remove the need for `mir-run` by including the final Xen link directly in Mirari.
* Add support for building Xen variants.
* Initial import of a unix-direct version.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

Successfully merging this pull request may close these issues.

None yet

4 participants