Data

Tools

Indexes

Applications

Experiments

Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub / cloud-hypervisor / cloud-hypervisor

A Virtual Machine Monitor for modern Cloud workloads. Features include CPU, memory and device hotplug, support for running Windows and Linux guests, device offload with vhost-user and a minimal compact footprint. Written in Rust with a strong focus on security.

JSON API: http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cloud-hypervisor%2Fcloud-hypervisor
PURL: pkg:github/cloud-hypervisor/cloud-hypervisor

Stars: 4,717
Forks: 515
Open issues: 137

License: None
Language: Rust
Size: 26.4 MB
Dependencies parsed at: Pending

Created at: over 6 years ago
Updated at: 4 days ago
Pushed at: 4 days ago
Last synced at: 4 days ago

Topics: cloud-workloads, kvm, rust-vmm, virtualization

Releases
Date Semver
v47.0

v47.0

This release has been tracked in v47.0 group of our roadmap project.

Block Device Error Reporting to the Guest

Instead of exiting on I/O errors, the virtio-block device now reports
errors to the guest using VIRTIO_BLK_S_IOERR. It improves the user
experience particularly when the guest rootfs is not backed by the
affected block device. (#7107)

Nice Error Messages on Exit

We now have the chain of errors being reported and printed nicely, when
Cloud Hypervisor or ch-remote exits on errors. (#7066)

Alphabetically Sorted CLI Options for ch-remote

To improve readability, ch-remote now prints help information in
alphabetical order. (#7130)

Notable Bug Fixes

  • Error out early when block device serial is too long (#7124)
  • Fix partial commands being discarded for virtio-vsock (#7195)
  • Disable the broken interrupt support for the rtc_pl031 device to
    prevent spurious guest interrupts (#7199)

Deprecations

  • A default IP (192.168.249.1) and mask (255.255.255.0) are
    currently assigned to the virtio-net device if no value is specified
    by users. Such behavior is now deprecated. Users of this behavior will
    receive a warning message and should make adjustments. The behavior
    will be removed in two release cycles (v49.0).
about 2 months ago
Download
v46.0

v46.0

This release has been tracked in v46.0 group of our roadmap project.

File-level Locking Support with --disk

Now file-level locking is enforced for disk images, provided by users
with --disk. This ensures that only a single Cloud Hypervisor instance
can obtain write access to a given disk image at any time, preventing
misconfiguration and avoiding potential data corruption. (#6974)

Improved Error Reporting with VM Resizing

Instead of returning a generic error 400 (e.g. BadRequest), users
now get a more specific error 429 (e.g. TooManyRequests) when a
pending VM resizing is not completed. This allows users to better handle
different errors, say retrying the request when applicable. (#7043)

IPv6 Address Support with --net

It is now possible to specify an IPv6 address and mask when creating a
network interface with --net. (#7048)

Experimental AArch64 Support with the MSHV Hypervisor

It is now possible to start VMs on AArch64 platforms when using MSHV
hypervisor. (#7055)

Deprecated SGX Support

The SGX support now is deprecated with a warning message if it being
used, with the intention to remove its support from our code base in two
release cycles (e.g. v48.0). (#7090)

Notable Bug Fixes

  • Remove path as required for DiskConfig from the OpenAPI spec file
    (#7017)
  • Properly parse PCI capabilities (#7018)
  • Reprogram PCI device BAR when its MSE bit is set (#7063)
  • Update IOMMU mappings of MMIO regions with BAR reprogram for VFIO
    devices (#7064)
  • Avoid resizing VMs to zero vCPUs (#7086)
  • Fix extended topology enumeration leaf exposed to the guest (#7087)

Contributors

Many thanks to everyone who has contributed to our release:

4 months ago
Download
v45.0

v45.0

This release has been tracked in v45.0 group of our roadmap project.

Experimental riscv64 Architecture Support

Cloud Hypervisor now has experimental riscv64 architecture
support. Details can be found from the riscv
documentation.

Alphabetically Sorted CLI Options

To improve the readability of CLI options, the output of the --help
now is alphabetically sorted. (#6988)

Improved Downtime of VM Live Migration

The downtime of VM live migration is reduced via delaying some of the
tearing down process of the source VM after the destination VM is up and
running. (#6987)

Notable Bug Fixes

  • Fix seccomp filters related to http-api thread (#6967)
  • Handle cross-page access in the emulator for mshv (#6968)

Contributors

Many thanks to everyone who has contributed to our release:

5 months ago
Download
v44.0

v44.0

v44.0

This release has been tracked in our roadmap project as iteration
v44.0. The following user visible changes have been made:

Configurable virtio-iommu Address Width

The iommu_address_width option has been added to --platform to allow users
to limit the virtio-iommu address space in the guest. (#6900)

Notable Performance Improvements

The VIRTIO_BLK_F_SEG_MAX feature has been enabled for virtio-block devices,
which brings significant performance improvements on throughput. (#6885)

The io_uring entries are no longer forced to use async helper workers,
delegating the decision to the kernel. This change resolved the issue of having
excessive amount of worker threads when io_uring is being used, which is
expected to improve performance, such as reducing memory usage and reduce CPU
contention.

New Fuzzers

Our continuous fuzzing infrastructure is augmented with two new fuzzers to cover
x86 instruction emulator and virtio-vsock.

Notable Bug Fixes

  • Fix short read and short write that impact QCOW and VHDX support. (#6884)
  • Various bug fixes on VHDX support. (#6890, #6899)

Contributors

Many thanks to everyone who has contributed to our release:

v43.0

This release has been tracked in our roadmap
project as iteration
v43.0. The following user visible changes have been made:

Live Migration over TCP Connections

Support has been added to enable direct live migration from two hosts via TCP
connections. This supplements the existing support for migrating over a UNIX
socket which can then be tunnelled as desired. The documentation has been
updated. (#6850)

Notable Performance Improvements

The VIRTIO_RING_F_INDIRECT_DESC feature has been enabled for virtio-block
devices. This significantly increases the throughput of the devices with a
small negative impact on latency. (#6826)

Notable Bug Fixes

  • Cloud Hypervisor now accepts VFIO devices that use I/O PCI BARs on non x86-64
    architectures. Whether they function depends on the host PCI host bridge
    support - previously they would be rejected even if the driver did not use
    these BARs. (#6871)
  • Command line groups were adjusted to ensure that at least one payload
    parameter was provided if any other VM parameters provided. (#6832)

Contributors

Many thanks to everyone who has contributed to our release:

7 months ago
Download
v43.0

v43.0

This release has been tracked in our roadmap
project as iteration
v43.0. The following user visible changes have been made:

Live Migration over TCP Connections

Support has been added to enable direct live migration from two hosts via TCP
connections. This supplements the existing support for migrating over a UNIX
socket which can then be tunnelled as desired. The documentation has been
updated. (#6850)

Notable Performance Improvements

The VIRTIO_RING_F_INDIRECT_DESC feature has been enabled for virtio-block
devices. This significantly increases the throughput of the devices with a
small negative impact on latency. (#6826)

Notable Bug Fixes

  • Cloud Hypervisor now accepts VFIO devices that use I/O PCI BARs on non x86-64
    architectures. Whether they function depends on the host PCI host bridge
    support - previously they would be rejected even if the driver did not use
    these BARs. (#6871)
  • Command line groups were adjusted to ensure that at least one payload
    parameter was provided if any other VM parameters provided. (#6832)

Contributors

Many thanks to everyone who has contributed to our release:

9 months ago
Download
v42.0

v42.0

This release has been tracked in our roadmap
project as iteration
v42.0. The following user visible changes have been made:

SVE/SVE2 Support on AArch64

The SVE and SVE2 feature bits are now propagated through to the guest on
AArch64. (#6678, #6691)

Notable Bug Fixes

  • Reduce latency notification when rate limited (#6672)
  • Fix virtio-console resizing (#6704)
  • Fix resizing when console uses TTY (#6754)
  • Avoid deadlock in PCI BAR reprogramming that can occur when adding a new
    virtio device to a VM that has been restored (#6775)
  • Fix console resizing after VM restore (#6748)
  • Fix memory resize error due to incorrect bounds checks (#6736)

Sponsorships

During this release cycle a new VFIO CI worker has been provided by Crusoe
Energy and a new ARM64 CI worker has been provided by Ubicloud.

Contributors

Many thanks to everyone who has contributed to our release:

11 months ago
Download
v41.0

v41.0

This release has been tracked in our roadmap
project as iteration
v41.0. The following user visible changes have been made:

Experimental “Pvmemcontrol” Support

VMM support has been added for this experimental functionality (requires
currently out of tree Linux kernel patches) to allow guests to control its
physical memory properties to allow optimisations and security features.
(#6318, #6467)

Sandboxing With Landlock Support

Support for restricting the VMM process using the Linux kernel “Landlock” API
has been added - this can be used to restrict the files (and the read/write
permissions) that the VMM process can access. This adds another layer of
security alongside the existing sycall filters (seccomp) - this can be
enabled with --landlock and fully documentated. (#5170)

Notable Performance Improvements

  • Reduced heap allocations in virtio-net via the use of a cache of Iovec
    structures (#6636)
  • Notification suppression (“EVENT_IDX”) support has been added to
    virtio-block giving a 60% improvement in single queue block throughput and
    IOPs performance (#6580)
  • Correct size used for status field in virtio-block state (#6586)

Notable Bug Fixes

  • Avoid panic on out-of-bounds PCI MSI-X access (#6657)
  • Fix undefined behaviour on AArch64 leading to wrong optimisation on KVM API
    access (#6647)
  • Rust v1.80.0 added use of fcntl syscall on debug assertions so this is now
    included in the virtio-device seccomp filters for tests that use this (#6648)
  • Short reads are now handled correctly in the virtio-vsock device (#6621)
  • Fix undefined behaviour on TTY ioctl leading to wrong optimisation (#6568)

Contributors

Many thanks to everyone who has contributed to our release:

about 1 year ago
Download
v40.0

v40.0

This release has been tracked in our roadmap
project as iteration
v40.0. The following user visible changes have been made:

Support for Restoring File Descriptor Backed Network Devices

It is now possible to pass file descriptors over the HTTP API (and using
ch-remote) when restoring to update the file descriptors for network devices.
This enables snapshot & restore functionality for guests using macvtap or
other file descriptor backed network devices. (#6286)

Notable Bug Fixes

  • Default values have been removed from required fields in the OpenAPI metadata
    (#6495)
  • The help syntax of ch-remote remove-device has been improved (#6456)
  • A double close of file descriptors has been fixed when using --serial
    (#6486)
  • To prevent loops a limit on the nesting level for QCOW2 backing files has
    been introduced (#6482)
  • Boot time performance has been improved with multiple cores by avoiding
    cpuid instructions and by seeding the in kernel file descriptor table
    (#6498, #6478)
  • L1 cache details are more likely to be propagated into the guest (#6523)
  • The default topology for guests now uses multiple cores rather than sockets
    (#6504)

Contributors

Many thanks to everyone who has contributed to our release:

about 1 year ago
Download
v39.0

v39.0

This release has been tracked in our roadmap
project as iteration
v39.0. The following user visible changes have been made:

Variable Sizing of PCI Apertures for Segments

It is now possible to use --pci-segment to adjust the aperture size that
devices 32-bit and 64-bit PCI device BARs will be allocated from. Previously
the address space was equally distributed across all the segments which may
leave insufficient space for devices that require a large 32-bit space. With
this change the weighting per segment can be adjusted. (#6387)

Direct Booting with bzImages

Support for directly booting Linux from bzImages has been added.(#6200)

Support for NVIDIA GPUDirect P2P Support

The x_nv_gpudirect_clique option was added to --device to allow the
configuration of device P2P support with NVIDIA GPUs. (#6235)

Guest NMI Injection Support

A new API endpoint and ch-remote option added for injecting an NMI into the
guest. (#6047)

Notable Bug Fixes

  • Workaround for kernel bug affecting guest IRQ masking on AMD (#6353)
  • Correctly cleanup sigwinch_listener process (#6208)
  • Graceful shutdown of HTTP API thread (#6248, #6247)
  • Fix queue_affinity option in OpenAPI metadata (#6268)
  • Fix documentation to indicate only stream mode is supported by virtio-vsock
    (#6306)
  • Fix virtio-fs tag validation (#6358, #6359)
  • Add missing pvpanic device to OpenAPI metadata (#6372)
  • Fixes for nested virtualization with VFIO devices (#6110, #6298, #6297,
    #6319)
  • Fix for backing file for virtio-mem regions with snapshot/restore (#6337,
    #6338)
  • Explicitly mark FDs used for network devices as invalid across
    snapshot/restore (#6332, #6286)
  • Improve event-monitor events around reboot (#6277, #6274)
  • Fix potential deadlock around paused devices during live migration (#6293)
  • Fix panic when running ch-remote with no subcommand (#6230)
  • Fix hotplug of virtio devices after snapshot/restore and live migration
    (#6326, #6265)

Contributors

Many thanks to everyone who has contributed to our release:

over 1 year ago
Download
v37.1

v37.1

This is a bug fix release. The following issues have been addressed:

  • Fix several security advisories from dependencies (#6134, #6141)
  • Enable HTT flag to avoid crashing cpu topology enumeration software
    such as hwloc in the guest (#6146)
  • Enable nested virtualization on AMD if supported (#6106)
  • Handle non-power-of-two CPU topology properly (#6062)
  • Various bug fixes around virtio-vsock(#6080, #6091, #6095)
  • Align VFIO devices PCI BARs naturally (#6196)
over 1 year ago
Download