NEWS.rst 175 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
================
libvirt releases
================

This is the list of official releases for libvirt, along with an overview of
the changes introduced by each of them.

For a more fine-grained view, use the `git log`_.


11
12
13
14
15
16
17
18
19
v7.8.0 (unreleased)
===================

* **Security**

* **Removed features**

* **New features**

20
21
22
23
24
25
26
27
28
29
30
31
  * nodedev: Add ability to automatically start mediated devices

    The autostart status of a persistent mediated devices can be managed with
    the new APIs ``virNodeDeviceSetAutostart()`` and
    ``virNodeDeviceGetAutostart()``. The corresponding virsh command is
    ``nodedev-autostart``. In addition, two new APIs were added to get
    additional information about node devices: ``virNodeDeviceIsPersistent()``
    checks whether the device is persistently defined, and
    ``virNodeDeviceIsActive()`` checks whether the node device is currently
    active. This information can also be retrieved with the new virsh command
    ``nodedev-info``.

32
33
34
35
36
* **Improvements**

* **Bug fixes**


Jiri Denemark's avatar
Jiri Denemark committed
37
v7.7.0 (2021-09-01)
38
39
40
41
===================

* **New features**

Pavel Hrdina's avatar
Pavel Hrdina committed
42
43
44
45
46
47
48
  * Add support for Fibre Channel VMID

    New VM element ``<fibrechannel appid=''/>`` was added to allow users to set
    their ``appid`` for each VM which will be used by kernel to create Fibre
    Channel VMID. This allows various QoS levels, access control or collecting
    telemetry data per VM.

49
50
* **Improvements**

51
52
53
54
55
56
57
58
59
60
61
62
63
64
  * virsh: Allow XML validation for define of: storage pool, network, secret,
    nwfilter, interface

    * Add flag ``VIR_STORAGE_POOL_DEFINE_VALIDATE`` to validate storage pool
      input xml. For virsh, users can use it as ``virsh pool-define --validate``.
    * Add flag ``VIR_NETWORK_DEFINE_VALIDATE`` to validate network input xml. For
      virsh, users can use it as ``net-define --validate``.
    * Add flag ``VIR_SECRET_DEFINE_VALIDATE`` to validate secret input xml. For
      virsh, users can use it as ``secret-define --validate``.
    * Add flag ``VIR_NWFILTER_DEFINE_VALIDATE`` to validate nwfilter input xml.
      For virsh, users can use it as ``nwfilter-define --validate``.
    * Add flag ``VIR_INTERFACE_DEFINE_VALIDATE`` to validate interface input xml.
      For virsh, users can use it as ``iface-define --validate``.

65
66
67
68
69
70
71
  * Add SecurityManager APIs for labeling network devices

    New ``virSecurityManagerSetNetdevLabel`` and ``virSecurityManagerSetNetdevLabel``
    APIs are introduced and implemented in the Apparmor security driver.
    The qemu driver uses the APIs to label vhostuser ports on hotplug and
    restore labeling on unplug.

72
73
74
75
76
  * vmx: Parse vm.genid and support super wide SCSI bus

    The genid attribute is now reported for VMX guests. Libvirt can now
    properly process super wide SCSI bus (64 units).

77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
  * qemu: Lifecycle action (``on_poweroff``/``on_reboot``) handling improvements

    The handling of lifecycle actions was fixed and improved in multiple ways:

    - ``restart-rename`` action was forbidden

      The action was never properly implemented in the qemu driver and didn't
      actually result in a restart of the VM but rather termination. The qemu
      driver now rejects such configurations.

    - ``preserve`` action was forbidden

      Similarly to the previous case this never worked as the intended semantics
      of the actions dictate. It's better to not allow it at all until there's a
      proper implementation

    - ``reboot`` action of ``on_poweroff`` now actually works

      The guest OS is now rebooted instead of terminating the VM when the
      ``reboot`` action is used and the guest OS powers down. Note that it's
      incompatible with ``on_reboot`` set to ``destroy``.

    - Changes in action action of ``on_reboot`` are now updated with qemu

      Libvirtd can now properly update the ``on_reboot`` action in qemu which
      allows proper handling when changing between ``reboot`` and ``destroy``
      actions. In addition, switching from ``reboot`` to ``destroy`` was
      forbidden for older qemus which don't support the update API as the guest
      could still reboot and execute some instructions until it was terminated.

107
108
* **Bug fixes**

109
110
111
112
113
114
115
116
117
118
119
120
  * qemu: Open chardev logfile on behalf of QEMU

    Guests with a logfile configured for their chardevs are now able to start
    even when no virtlogd is configured.

  * virhostmem: Handle numactl-less build in hugepages allocation/reporting

    Some architectures don't have notion of NUMA (e.g. s390x) but do support
    hugepages. Libvirt silently ignored requests to allocate/report hugepage
    pool when built without numactl. This is now fixed and the pool can be
    allocated/reported on properly.

121
122
123
124
125
126
127
128
  * qemu: Record proper ``backing`` format for overlays of qcow2+luks images

    Libvirt would record ``luks`` instead of ``qcow2`` into the metadata. In
    practice this is a problem only when inspecting images manually via
    ``qemu-img`` as with libvirt users must use full specification of the
    backing chain in the domain XML which supersedes information recorded in
    the image metadata.

129

Jiri Denemark's avatar
Jiri Denemark committed
130
v7.6.0 (2021-08-02)
131
132
===================

133
134
135
136
137
138
139
140
141
* **Security**

  * storage: Unlock pool objects on ACL check failures in ``storagePoolLookupByTargetPath`` (CVE-2021-3667)

    A logic bug in ``storagePoolLookupByTargetPath`` where the storage pool
    object was left locked after a failure of the ACL check could potentially
    deprive legitimate users access to a storage pool object by users who don't
    have access.

142
143
* **New features**

144
145
146
147
148
149
  * qemu: Incremental backup support via ``virDomainBackupBegin``

    libvirt-7.6 along with the unreleased qemu-6.1 will fully support the change
    block tracking features (block-dirty-bitmaps) to be able to do incremental
    backups and management of the checkpoint states via the appropriate APIs.

150
151
152
153
154
  * qemu: Add support for launch security type s390-pv

    Specifying s390-pv as launch security type in an s390 domain prepares for
    running the guest in protected virtualization secure mode, also known as
    IBM Secure Execution. This simplifies the definition and reduces the risk
155
156
    of an incorrect definition, e.g. by forgetting to specify ``iommu=on`` on
    all virtio devices.
157

158
159
160
161
162
163
  * domstats: Add haltpolling time statistic interface

    Domstats now provide the data of cpu haltpolling time. This feature relies
    on statistics available after kernel version 5.8. This will allow the user
    to get more accurate CPU usage information if needed.

164
165
* **Bug fixes**

166
  * qemu: Fix migration with ``VIR_MIGRATE_NON_SHARED_INC``
167

168
169
170
171
    libvirt 7.3.0 introduced a bug where ``VIR_MIGRATE_NON_SHARED_INC`` would
    not actually migrate the contents of the disk due to broken logic and at
    the same time could trigger migration of storage when
    ``VIR_MIGRATE_TUNNELLED`` is requested. This release fixes the bug.
172

173
174
175
176
177
178
179
  * qemu: Don't emit ``VIR_DOMAIN_EVENT_ID_BLOCK_THRESHOLD`` twice when registered with index

    When registering the threshold event with the index notation (e.g.
    ``vda[3]``) libvirt would emit the event also for ``vda`` if the image is
    in the top layer. The intention was to emit two events only when the
    original registration was done without the index.

180
181
182
183
184
185
  * qemu: Pass discard requests for disks with ``copy_on_read='on'``

    When a disk using the ``copy_on_read='on'`` option is configured also with
    ``discard='unmap'`` the discard requests will now be passed to the
    underlying image freeing up the space.

186

Jiri Denemark's avatar
Jiri Denemark committed
187
v7.5.0 (2021-07-01)
188
189
===================

190
191
192
193
194
195
196
197
* **Security**

  * svirt: fix MCS label generation (CVE-2021-3631)

    A flaw in the way MCS labels were generated could result in a VM's
    resource not being fully protected from access by another VM were
    it to be compromised. https://gitlab.com/libvirt/libvirt/-/issues/153

198
199
200
201
202
203
204
* **Removed features**

  * xen: Remove support for Xen < 4.9

    In accordance with our platform support policy, the oldest supported Xen
    version is now bumped from 4.6 to 4.9.

205
206
* **Improvements**

Peter Krempa's avatar
Peter Krempa committed
207
208
209
210
211
212
  * docs: Document disk serial truncation status quo

    Disk ``<serial>`` is being truncated by QEMU before passed to the guest.
    Since it's impossible to fix it without running into further regressions
    the documentation was improved to document the intricacies.

213
214
* **Bug fixes**

Peter Krempa's avatar
Peter Krempa committed
215
216
217
218
219
220
  * qemu: Fixed validation of disk ``iothread`` configuration

    The validation of ``iothread`` config was previously moved to a place where
    it caused bogus errors when address wasn't allocated when hotplugging a
    disk. The check is now removed as it wasn't actually necessary at all.

221

Jiri Denemark's avatar
Jiri Denemark committed
222
v7.4.0 (2021-06-01)
223
224
===================

225
226
227
228
229
230
231
* **Removed features**

  * qemu: Remove support for QEMU < 2.11

    In accordance with our platform support policy, the oldest supported QEMU
    version is now bumped from 1.5 to 2.11.

232
233
* **New features**

234
235
236
237
238
239
240
241
242
243
244
  * qemu: Add support for hotplugging ``<transient/>`` disks

    The disk hotplug code in the qemu driver now can handle hotplug of disks
    with automatically added overlay.

  * qemu: Add support for sharing base image of ``<transient/>`` disks

    Users can use ``<transient shareBacking='yes'/>`` to tell the qemu driver to
    never open the base image in write mode thus multiple VMs can share the
    same image. Note that the disk will be hotplugged during startup.

245
246
* **Improvements**

247
248
249
250
251
  * Add win-dmp crashdump format

    New ``win-dmp`` format for ``virDomainCoreDumpWithFormat`` API and/or virsh
    ``dump --format`` was introduced.

252
253
* **Bug fixes**

254
255
256
257
  * Allow 0 offset in XML schema for ``<slice type='storage' offset='0' size='321'/>``

    Having a 0 offset so that the size of the image can be limited is a
    valid configuration so it was allowed in the XML schema.
258

259

Jiri Denemark's avatar
Jiri Denemark committed
260
v7.3.0 (2021-05-03)
261
262
263
264
===================

* **New features**

265
266
267
268
269
  * xen: Support domains with more than 4TB

    The xen driver now supports domains with more than 4TB of memory with
    xen >= 4.13.

270
271
272
273
274
275
  * qemu: add socket for virtiofs filesystems

    Libvirt now supports ``filesystem`` devices that connect to
    a ``virtiofsd`` daemon launched outside of libvirtd, via the
    ``socket`` attribute of the ``source`` element.

276
277
278
279
280
281
282
283
284
285
286
  * nodedev: Add ability to manage persistent mediated devices

    Persistent mediated devices can now be managed with libvirt.
    ``virNodeDeviceDefineXML()`` defines a new device,
    ``virNodeDeviceUndefine()`` removes an existing definition, and
    ``virNodeDeviceCreate()`` starts a device definition that is currently
    inactive. Corresponding virsh commands ``nodedev-define``,
    ``nodedev-undefine``, and ``nodedev-start`` were also added.
    ``nodedev-list`` only lists active devices by default. Inactive device
    definitions can be shown with the new ``--inactive`` and ``--all`` flags.

Peter Krempa's avatar
Peter Krempa committed
287
288
289
290
291
292
293
294
  * qemu: Allow use of qemu's ``-compat`` option

    Curious developers or testers now can enable certain ``-compat`` modes which
    allow to notice use of deprecated commands and options as qemu will use the
    selected method to notify the user. The new behaviour can be requested using
    either the ``deprecation_behavior`` option in ``qemu.conf`` for all VMs or
    using ``<qemu:deprecation behavior='...'/>`` in the VM XML.

295
296
* **Improvements**

Peter Krempa's avatar
Peter Krempa committed
297
298
299
300
301
302
303
304
305
306
307
308
309
310
  * virsh: Improve errors with ``virsh snapshot-create-as``

    The XML document constructed by virsh was forced through XML schema
    validation which yielded unintelligible error messages in cases such as
    when the path to the new image did not start with a slash. XML documents
    are no longer validated as the XML parser actually has better error
    messages which allow users to figure the problem out quickly.

  * qemu: Terminate backing store when doing a full-chain block pull

    When pulling everything into the overlay image the chain can be terminated
    since we know that it won't depend on any backing image and thus can prevent
    attempts to probe the backing chain.

311
312
313
314
315
  * qemu: Expose disk serial in virDomainGetGuestInfo()

    The ``virDomainGetGuestInfo()`` reports disk serial number among with other
    disk information.

316
317
* **Bug fixes**

Peter Krempa's avatar
Peter Krempa committed
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
  * qemu: Fix crash of libvirt on full block pull of a disk

    When the persistent definition contains a compatible disk (meaning the
    definition of the running and persistent config match) a block pull job
    would leave a dangling pointer in the config definition which resulted
    in a crash.

  * qemu: Use proper job cancelling command

    Libvirt's API contract for aborting a block copy job in 'ready' state
    declares that the destination image of the copy will contain a consistent
    image of the disk from the time when the block job was aborted. This
    requires that libvirt uses the proper cancelling qemu command to ensure
    that the data is consistent which was not the case.

  * qemu: Don't attempt storage migration when there are no migratable disks

    Due to a logic bug introduced in the previous release libvirt would attempt
    to migrate disks in case when no disks are selected/eligible for migration.

  * qemu: Fix very rare race when two block job 'ready' events are delivered

    In certain high-load scenarios, qemu might deliver the 'ready' event twice
    and if it's delivered when pivoting to the destination during a block copy
    job, libvirt would get confused and execute the code as if the job were
    aborted.
344

345
346
347
348
349
350
351
352
353
354
355
356
357
358
  * lxc: Fix container destroy with CGroupsV2

    When an LXC container was started and the host used CGroupsV2 it might have
    had created nested controllers under the container's scope. Libvirt was
    unaware and thus destroying the container failed with a cryptic error:
    ``failed to get cgroup backend for 'pathOfController'``. The CGroup removal
    code was reworked and is now capable of dealing with such scenario.

  * bash-completion: Fix argument passing to $1

    Due to a bug in bash completion script, the auto completion did not work
    properly when a connection URI or read only flag were specified on
    ``virsh`` or ``virt-admin`` command line.

359

Jiri Denemark's avatar
Jiri Denemark committed
360
v7.2.0 (2021-04-01)
361
362
363
364
===================

* **New features**

365
366
367
368
369
370
371
372
373
374
375
  * qemu: Implement domain memory dirty rate calculation API

    New API ``virDomainStartDirtyRateCalc()`` and virsh command
    ``domdirtyrate-calc`` are added to start calculating a live domain's
    memory dirty rate.

  * qemu: Support reporting memory dirty rate stats

    The memory dirty rate stats can be obtained through ``virsh domstats
    --dirtyrate`` via the virConnectGetAllDomainStats API.

376
377
378
379
380
381
382
383
384
  * qemu: Full disk backups via ``virDomainBackupBegin``

    The qemu hypervisor driver now allows taking full disk backups via the
    ``virDomainBackupBegin`` API and the corresponding virsh wrapper.

    In future releases the feature will be extended to also support incremental
    backups (where only the difference since the last backup is copied) when
    qemu adds the required functionality.

385
386
387
388
389
  * Add support for audio backend specific settings

    With this release a new ``<audio/>`` element is introduced that allows
    users to configure audio output for their guests.

390
391
* **Improvements**

392
393
394
395
396
397
  * qemu: Compatibility with QEMU 6.0 for certain hot-(un)-plug operations

    Libvirt 7.2.0 is required for compatibility with the upcoming QEMU 6.0
    release for hotplug and hotunplug of certain devices and helpers, such as
    iothreads, chardevs, RNG devices, disks with secret, ...

398
399
400
401
402
403
404
405
406
407
408
  * qemu: Various improvements to embedded mode

    Embedded mode for the QEMU driver, as well as the ``virt-qemu-run`` tool
    saw improvements in handling of domain life cycle, temporary directories
    creation (important when using disk secrets) and other minor fixes.

  * Documentation of split daemon related config files

    Split daemons read configuration files upon their start. These were never
    documented though.

409
410
* **Bug fixes**

411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
  * Check host CPU for forbidden features

    CPU feature policy did not work as expected with ``host-passthrough`` and
    features supported by physical host. CPU features were not filtered out
    when ``@check`` was set to ``full``.

  * Fix virNetworkUpdate() to work with split daemons

    Due to a bug in our code, virNetworkUpdate() did not work with split daemon
    unless management application connected to virtnetworkd directly.

  * qemu: increase locked memory limit when a vDPA device is present

    Just like VFIO devices, vDPA devices may need to have all guest memory
    pages locked/pinned in order to operate properly. These devices are now
    included when calculating the limit for memory lock.

  * Don't log error if SRIOV PF has no associated netdev

    Some SRIOV PFs don't have a netdev associated with them in which case
    libvirtd reported an error and refused to start. This is now fixed.

  * qemu: Only raise memlock limit if necessary

    Attempting to set the memlock limit might fail if we're running
    in a containerized environment where ``CAP_SYS_RESOURCE`` is not
    available, and if the limit is already high enough there's no
    point in trying to raise it anyway.

  * Restore security context of swtpm.log

    If a guest with emulated TPM was started and the daemon was restarted
443
    afterwards, the security context of the per-domain ``swtpm.log`` file was
444
445
    not restored on domain shutdown leaving it unable to be started again.

446
447
448
449
450
451
  * virtlogd|virtlockd: Fixed crash when upgrading the daemons in-place

    A bug preventing the in-place upgrade of ``virtlogd`` and ``virtlockd``
    daemons was fixed, so they can again be upgraded without dropping the log
    file descriptors or locks on files.

452

Jiri Denemark's avatar
Jiri Denemark committed
453
v7.1.0 (2021-03-01)
454
455
===================

456
457
458
459
460
461
* **Portability**

  * Implement Apple Silicon support

    libvirt now runs on the ARM-based Apple Silicon Macs.

462
463
* **New features**

464
465
466
467
468
  * Introduce virtio-pmem ``<memory/>`` model

    The virtio-pmem is a virtio variant of NVDIMM and just like NVDIMM
    virtio-pmem also allows accessing host pages bypassing guest page cache.

469
470
471
472
473
  * Introduce ``<boot order/>`` for ``<filesystem>``

    Booting is possible from virtiofs filesystems. Introduce an option
    to control the boot order, like we do for other bootable devices.

474
475
476
477
478
479
480
481
482
483
484
485
  * hyperv: implement new APIs

    The ``virDomainUndefine()``, ``virDomainUndefineFlags()``,
    ``virDomainDefineXML()``, ``virDomainAttachDevice()``, and
    ``virDomainAttachDeviceFlags()``, ``virConnectListAllNetworks()``,
    ``virConnectNumOfNetworks()``, ``virNetworkLookupByName()``,
    ``virNetworkLookupByUUID()``, ``virConnectNumOfDefinedNetworks()``,
    ``virConnectListDefinedNetworks()``, ``virNetworkGetAutostart()``,
    ``virNetworkIsActive()``, ``virNetworkIsPersistent()``,
    ``virNetworkGetXMLDesc()``, and ``virDomainScreenshot()``, APIs have been
    implemented in the Hyper-V driver.

486
487
488
489
490
491
  * Support <teaming> element in plain <hostdev> devices

    This is useful when libvirt doesn't have the privileges necessary
    to set the hostdev device's MAC address (which is a necessary
    part of the alternate <interface type='hostdev'>).

492
493
494
495
496
497
  * Introduce ``<disk type='vhostuser'>`` support

    Introduces support for QEMU vhost-user-blk device that can be used
    to access storage exported via the vhost-user protocol by daemons such
    as the ``qemu-storage-daemon``.

498
499
* **Bug fixes**

500
501
502
503
504
505
506
507
508
509
510
511
512
513
  * qemu: Fix disk quiescing rollback when creating external snapshots

   If the qemu guest agent call to freeze filesystems failed when creating
   an external snapshot with ``VIR_DOMAIN_SNAPSHOT_CREATE_QUIESCE`` flag the
   filesystems would be unconditionally thawed. This could cause problems when
   the filesystems were frozen by an explicit call to ``virDomainFSFreeze``
   since the guest agent then rejects any further freeze attempts once are
   filesystems frozen, an explicit freeze followed by a quiesced snapshot
   would fail and thaw filesystems.

   Users are also encouraged to use ``virDomainFSFreeze/Thaw`` manually instead
   of relying on ``VIR_DOMAIN_SNAPSHOT_CREATE_QUIESCE`` if they need finer
   grained control.

514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
  * cgroups: Fix how we setup and configure cgroups on hosts with systemd

    When libvirt is running on host with systemd we register every VM with
    machined which creates the VM root cgroup for us as well. Before this fix
    we were directly modifying files in the VM root cgroup which was incorrect
    because all the files are managed by systemd. The implication was that any
    change done by libvirt to cgroup attributes supported by systemd could be
    removed which happens for example by running ``systemctl daemon-reload``.

    To fix the issue libvirt now uses DBus calls for some of the cgroup
    attributes that distribute the resources proportionally to the cgroup
    siblings and for the rest we have a new sub-cgroup that libvirt can
    managed directly.

    For more details why this is necessary see
    `systemd cgroup <https://systemd.io/CGROUP_DELEGATION/>`_ documentation.

531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
  * qemu: Fix swtpm device with aarch64

    The TPM TIS device name for x86 is ``tpm-tis``, whereas for aarch64 it is
    ``tpm-tis-device``. Fix the use of TPM TIS device with aarch64 by using
    the proper device name when building the QEMU command line.

  * libxl: Fix domain shutdown

    Commit fa30ee04a2 introduced the possibility of a race between the
    shutdown and death threads used to process domain shutdown and death
    events from libxl. On normal domain shutdown the shutdown thread handles
    all aspects of shutting down and cleaning up the domain. The death
    thread is only used to handle out-of-band domain destruction and is
    inhibited when domain shutdown is under libvirt's control. The race is
    avoided by also inhibiting the death thread when libvirt starts the
    shutdown thread.

548

Jiri Denemark's avatar
Jiri Denemark committed
549
v7.0.0 (2021-01-15)
550
551
===================

552
553
554
555
556
557
* **Project governance**

  * Formal handover of release tarball signing

    Starting from libvirt-6.6 the release tarballs are signed by Jiří Denemark.
    Releases starting with 7.0 contain a note from the previous maintainer
Tim Wiederhake's avatar
Tim Wiederhake committed
558
    Daniel Veillard officially handing over the signing of packages so that the
559
560
    transition can be verified.

561
562
* **New features**

563
564
565
566
567
568
  * nodedev: Add node device driver support for AP devices

    Add support for detecting and listing Adjunct Processor(AP) cards, AP
    queues and AP matrix devices (which are capable of MDEV) of a KVM host
    system in libvirt node device driver with correct object relationships.

569
570
571
572
573
574
575
  * qemu: Allow control of ``qcow2`` metadata cache

    In specific usecases such as when massive storage images are used it's
    possible to achieve better performance by increasing the metadata cache
    size. The new knob allows advanced users setting the size according to
    qemu's documentation to suit their image.

576
577
578
579
580
581
  * conf: Add support for keeping TPM emulator state

    Currently, swtpm TPM state file is removed when a transient domain is
    powered off or undefined. Add per-TPM emulator option ``persistent_state``
    for keeping TPM state.

582
583
* **Improvements**

584
585
586
587
588
589
590
591
592
593
594
  * qemu: Discourage users from polling ``virDomainGetBlockJobInfo`` for block
    job completion

    Document that waiting for events is a more robust solution.

  * secret: Relax XML schema for the ``usage`` name of a ``secret``

    Various bits of documentation of how to use libvirt with RBD volumes used
    an usage name which would not pass the XML validation. Relax the requirement
    to make such XMLs valid.

595
596
597
598
599
600
601
602
603
604
  * virnetdevopenvswitch: Various improvements

    The code that handles ``<interface type='vhostuser'/>`` was given various
    improvements. So far, libvirt assumed vhostuser interfaces are handled
    exclusively by OpenVSwitch and refused to start a guest if it was not so.
    Now a guest can be started successfully even if the interface is created by
    some other tool (e.g. ``dpdk-testpmd``). Also, the code that detects the
    interface name was adapted to new versions of OpenVSwitch and thus can
    detect name more reliably.

Tim Wiederhake's avatar
Tim Wiederhake committed
605
  * qemu: Report guest disks information in ``virDomainGetGuestInfo``
606
607
608
609
610

    Libvirt is now able to report disks and filesystems from the guest's
    perspective (using guest agent). And with sufficiently new guest agent
    (5.3.0 or newer) the API also handles disks on CCW bus.

611
612
* **Bug fixes**

613
614
615
616
617
618
619
620
621
622
623
  * qemu: Fix logic bug in inactive snapshot deletion

    This release fixes a bug introduced in libvirt-6.9 where libvirt's
    snapshot metadata would not be deleted on successful snapshot deletion.

  * qemu: Fix VMs with ``<iotune>`` on an empty cdrom

    Specifying ``<iotune>`` for an empty cdrom would prevent the VM from
    starting as qemu doesn't accept the tuning for an empty drive. We now
    postpone setting the parameters until a new media is inserted.

624
625
626
627
628
629
630
631
  * Avoid taking extra host memory when launching pSeries guests

    Under certain conditions, pSeries guests were being launched with more
    RAM than it was specified in the domain XML by the user. New pSeries
    domains created with libvirt 7.0.0 will always launch with the right
    amount of initial memory. Existing guests that migrate from an older
    libvirt version to 7.0.0 will not be affected by this change.

632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
  * qemu: Don't cache NUMA caps

    ``virsh capabilities`` contains ``<topology/>`` section which reports NUMA
    topology among with amount of free hugepages per each NUMA node. However,
    these amounts were not updated between calls.

  * networkGetDHCPLeases: Handle leases with infinite expiry time

    Since libvirt-6.3.0 it is possible to configure expiry time for DHCP
    leases. If the expiry time was infinite then ``virsh net-dhcp-leases``
    and NSS plugins refused to work.

  * qemu: Don't prealloc mem for real NVDIMMs

    If a real life NVDIMM is assigned to a guest via ``<memory model='nvdimm'/>``
    then QEMU is no longer instructed to preallocate memory
    for it. This prevents unnecessary wear on the NVDIMM.

  * network: Introduce mutex for bridge name generation

    When new libvirt network is defined or created and the input XML does not
    contain any bridge name, libvirt generates one. However, it might have
    happened that the same name would be generated for different networks if
    two or more networks were defined/created at once.

657

Jiri Denemark's avatar
Jiri Denemark committed
658
v6.10.0 (2020-12-01)
659
====================
660

661
662
663
664
665
666
667
668
669
670
671
* **Security**

  * qemu: Enable client TLS certificate validation by default for ``chardev``,
    ``migration``, and ``backup`` servers.

  The default value if qemu.conf options ``chardev_tls_x509_verify``,
  ``migrate_tls_x509_verify``, or  ``backup_tls_x509_verify`` are not specified
  explicitly in the config file and also the ``default_tls_x509_verify`` config
  option is missing are now '1'. This ensures that only legitimate clients
  access servers, which don't have any additional form of authentication.

672
673
* **New features**

674
675
676
677
678
679
680
  * qemu: Implement OpenSSH authorized key file management APIs

    New APIs (``virDomainAuthorizedSSHKeysGet()`` and
    ``virDomainAuthorizedSSHKeysSet()``) and virsh commands
    (``get-user-sshkeys`` and ``set-user-sshkeys``) are added to manage
    authorized_keys SSH file for user.

681
682
  * hyperv: implement new APIs

Jano Tomko's avatar
Jano Tomko committed
683
    The ``virDomainGetMaxMemory()``, ``virDomainSetMaxMemory()``,
684
685
686
687
688
    ``virDomainGetSchedulerType()``, ``virDomainGetSchedulerParameters()``,
    ``virDomainGetSchedulerParametersFlags()``, ``virDomainGetVcpus()``,
    ``virDomainGetVcpusFlags()``, ``virDomainGetMaxVcpus()``,
    ``virDomainSetVcpus()``, and ``virDomainSetVcpusFlags()`` APIs have been
    implemented in the Hyper-V driver.
689

690
691
* **Improvements**

692
693
694
695
696
697
698
699
  * virsh: Support network disks in ``virsh attach-disk``

    The ``virsh attach-disk`` helper command which simplifies attaching of disks
    without the need for the user to formulate the disk XML manually now
    supports network-backed images. Users can specify the protocol and host
    specification with new command line arguments. Please refer to the man
    page of virsh for further information.

700
701
* **Bug fixes**

702
703
704
705
706
707
708
  * remote: fixed performance regression in SSH tunnelling

    The ``virt-ssh-helper`` binary introduced in 6.8.0 had very
    poor scalability which impacted libvirt tunnelled migration
    and storage volume upload/download in particular. It has been
    updated and now has performance on par with netcat.

709
710
711
712
713
714
* **Removed features**

  * hyperv: removed support for the Hyper-V V1 WMI API

    This drops support for Windows Server 2008R2 and 2012.
    The earliest supported version is now Windows 2012R2.
715

716

Jiri Denemark's avatar
Jiri Denemark committed
717
v6.9.0 (2020-11-02)
718
719
720
721
===================

* **New features**

722
723
724
725
726
727
  * nodedev: Add support for channel subsystem (CSS) devices on S390

    A CSS device is represented as a parent device of a CCW device.
    This support allows to create vfio-ccw mediated devices with
    ``virNodeDeviceCreateXML()``.

728
729
730
731
732
  * qemu: Implement memory failure event

    New event is implemented that is emitted whenever a guest encounters a
    memory failure.

733
734
735
736
737
738
  * qemu: Implement support for ``<transient/>`` disks

    VMs based on the QEMU hypervisor now can use ``<transient/>`` option for
    local file-backed disks to configure a disk which discards changes made to
    it while the VM was active.

739
740
741
  * hyperv: implement new APIs

    The ``virConnectGetCapabilities()``, ``virConnectGetMaxVcpus()``,
Matt Coleman's avatar
Matt Coleman committed
742
743
744
745
746
    ``virConnectGetVersion()``, ``virDomainGetAutostart()``,
    ``virDomainSetAutostart()``, ``virNodeGetFreeMemory()``,
    ``virDomainReboot()``, ``virDomainReset()``, ``virDomainShutdown()``, and
    ``virDomainShutdownFlags()`` APIs have been implemented in the Hyper-V
    driver.
747

748
749
750
751
  * bhyve: implement virtio-9p filesystem support

    Implement virito-9p shared filesystem using the ``<filesystem/>`` element.

Jonathon Jongsma's avatar
Jonathon Jongsma committed
752
753
754
755
756
757
  * qemu: Add support for vDPA network devices.

    VMs using the QEMU hypervisor can now specify vDPA network devices
    using ``<interface type='vdpa'>``. The node device APIs also now
    list and provide XML descriptions for vDPA devices.

758
759
* **Bug fixes**

760
761
762
763
  * hyperv: ensure WQL queries work in all locales

    Relying on the "Description" field caused queries to fail on non-"en-US"
    systems. The queries have been updated to avoid using localized strings.
764

765
766
767
768
769
770
  * rpc: Fix ``virt-ssh-helper`` detection

    libvirt 6.8.0 failed to correctly detect the availability of the new
    ``virt-ssh-helper`` command on the remote host, and thus always used the
    fallback instead; this has now been fixed.

771

Jiri Denemark's avatar
Jiri Denemark committed
772
v6.8.0 (2020-10-01)
773
774
===================

775
776
777
778
779
780
781
782
* **Security**

  * qemu: double free in qemuAgentGetInterfaces() in qemu_agent.c

    Clients connecting to the read-write socket with limited ACL permissions
    may be able to crash the libvirt daemon, resulting in a denial of service,
    or potentially escalate their privileges on the system. CVE-2020-25637.

783
784
* **New features**

785
786
787
788
789
790
791
  * xen: Add ``writeFiltering`` attribute for PCI devices

    By default Xen filters guest writes to the PCI configuration space of a
    PCI hostdev, which may cause problems for some devices. The ``writeFiltering``
    attribute of the device's ``<source>`` element can be used to disable the
    filtering and allow all guest writes to the configuration space.

792
793
794
795
796
  * bhyve: Support setting the framebuffer resolution

    Libvirt can now set the framebuffer's "w" and "h" parameters
    using the ``resolution`` element.

fabianfreyer's avatar
fabianfreyer committed
797
798
799
800
801
802
803
  * bhyve: Support VNC password authentication

    Libvirt can now probe whether the bhyve binary supports
    VNC password authentication. In case it does, a VNC password
    can now be passed using the ``passwd`` attribute on
    the ``<graphics>`` element.

804
805
806
807
808
809
810
811
812
813
814
815
816
  * remote: ``virt-ssh-helper`` replaces ``nc`` for SSH tunnelling

    Libvirt now provides a ``virt-ssh-helper`` binary on the server
    side. The libvirt remote client will use this binary for setting
    up an SSH tunnelled connection to hosts. If not present, it will
    transparently fallback to the traditional ``nc`` tunnel. The new
    binary makes it possible for libvirt to transparently connect
    across hosts even if libvirt is built with a different installation
    prefix on the client vs server. It also enables remote access to
    the unprivileged per-user libvirt daemons (e.g. using a URI such as
    ``qemu+ssh://hostname/session``). The only requirement is that
    ``virt-ssh-helper`` is present in ``$PATH`` of the remote host.

817
818
819
820
821
822
823
  * esx: implement few APIs

    The ``virConnectListAllNetworks()``, ``virDomainGetHostname()``, and
    ``virDomainInterfaceAddresses()`` (only for
    ``VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT`` source) APIs were implemented
    in the esx driver.

824
825
* **Improvements**

826
827
828
829
830
831
  * qemu: Allow migration over UNIX sockets

    QEMU migration can now be performed completely over UNIX sockets. This is
    useful for containerised scenarios and can be used in both peer2peer and
    direct migrations.

832
833
834
835
836
837
838
  * dbus: Use GLib implementation instead of libdbus

    Adopting GLib DBus implementation simplifies our code as libdbus provides
    low-level APIs where we had to have a lot of helper functions. With this
    change we also remove dependency on libdbus and possibly fix all the DBus
    related libvirtd crashes seen over the time.

839
840
841
842
843
  * Re-introduce NVDIMM auto-alignment for pSeries Guests

    The auto-alignment logic was removed in v6.7.0 in favor of requiring the
    size provided by the user to be already aligned; however, this had the
    unintended consequence of breaking some existing guests. v6.8.0 restores
844
845
    the previous behavior with an improvement: it also reflects the auto-aligned
    value in the domain XML.
846

847
848
  * qemu: Preserve qcow2 cluster size after external snapshots

849
    The new overlay image which is installed on top of the current chain when
Tim Wiederhake's avatar
Tim Wiederhake committed
850
    taking an external snapshot now preserves the cluster size of the original
851
    top image to preserve any performance tuning done on the original image.
852

853
854
* **Bug fixes**

855
856
  * qemu: Various (i)SCSI backed hostdev fixes

857
858
859
    (i)SCSI backed hostdevs now work again with an arbitrarily long
    user-specified device alias and also honor the 'readonly' property after a
    recent rewrite.
860

861
862
863
864
865
866
867
* **Removed features**

  * node_device: Remove HAL node device backend

    HAL is deprecated on all supported OS so there is no need to keep it
    in libvirt. udev backend is used on Linux OSes and devd can be eventually
    implemented as replacement for FreeBSD.
868

869

Jiri Denemark's avatar
Jiri Denemark committed
870
v6.7.0 (2020-09-01)
871
872
===================

873
874
875
876
877
878
* **Packaging changes**

  * Libvirt switch to Meson build system

    Libvirt abandoned autotools and switched to Meson build system.

879
880
* **New features**

881
882
883
884
885
886
  * qemu: Add support for initiator IQN configuration for iSCSI hostdevs

    Similarly to iSCSI ``<disk>`` users can use an ``<initiator>`` element
    inside ``<hostdev>`` with the same format to configure the ``IQN`` value
    used by the qemu initiator when connecting to an iSCSI target.

887
888
889
890
891
892
  * xen: Add support for device model command-line passthrough

    Xen supports passing arbitrary arguments to the QEMU device model using
    the ``device_model_args`` setting in xl.cfg(5). The libvirt xen driver now
    supports this using ``<xen:commandline/>`` XML extensions.

893
894
895
896
897
  * shmem: Add support for shmem-{plain, doorbell} ``role`` option

    The ``role`` attribute controls how the domain behaves on migration. With
    ``role=master``, the guest will copy the shared memory on migration to
    the destination host. With ``role=peer``, the migration is disabled.
898

899
900
901
902
903
904
  * bhyve: Sound device support

    This feature allows to configure guest sound device using
    the ``<sound>`` element, and map it to the host sound device using
    the ``<audio>`` element.

905
906
* **Improvements**

907
908
909
910
911
  * Allow sparse streams for block devices

    Sparse streams (e.g. ``virsh vol-download --sparse`` or ``virsh vol-upload
    --sparse``) now handle if one of the stream ends is a block device.

912
913
914
915
916
917
918
919
920
921
922
  * Remove NVDIMM auto-alignment for pSeries Guests

    This feature was introduced in libvirt v6.2.0 as part of the overall
    NVDIMM support for pSeries guests. The idea was to relieve the user
    from knowing ppc64 alignment details, but the end result is that we
    ended up with inconsistencies between domain XML and actual NVDIMM
    size the guest is using. To promote consistency between domain XML
    and the guest, unaligned NVDIMM sizes for pSeries guests will now be
    forbidden and no size auto-alignment will be made. Instead, libvirt will
    suggest an aligned round up size for the user.

923
924
925
926
927
  * apparmor: Several improvements

    Add support for virtiofs filesystem and allow QEMU to load old
    shared objects after upgrade.

928
929
* **Bug fixes**

930
931
932
933
934
935
936
  * virdevmapper: Deal with kernels without DM support

    In the previous release libvirt dropped libdevmapper in favor of its own
    implementation. However, it failed to deal correctly with kernels that
    either don't have device mapper enabled or where the dm-mod module is not
    loaded yet. This is now fixed.

937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
  * resctrl: Use exclusive lock for /sys/fs/resctrl

    When two or more domains were attempted to start at once, due to a bug in
    implementation, resctrl was not locked properly and thus threads did not
    mutually exclude with each other resulting in not setting requested
    limitations.

  * mdev: Fix daemon crash when reattaching mdevs on assignment conflict

    If there's a list of mdevs to be assigned to a domain, but one of them (NOT
    the first) is already assigned to a different domain then libvirtd would
    crash. This is now fixed.

  * Fix logic in setting COW flag on btrfs

    When COW is not explicitly requested to be disabled or enabled, then
    libvirt should do nothing on non-BTRFS file systems.

  * Avoid crash due to race in glib event loop code

    Libvirt switched to glib event loop in 6.1.0 but it was also tickling a bug
    in glib code leading to the daemon crash. Libvirt way of calling glib was
    changed so the daemon crashes no more.

  * virdevmapper: Handle kernel without device-mapper support

    In the previous release, Libvirt dropped libdevmapper in favor of its own
    implementation. But the implementation did not handle kernels without
    device-mapper support. This is now fixed.

967
968
969
970
971
972
973
974
  * remove autogenerated macvtap names from migration XML

    Autogenerated macvtap device names were being left in the
    migration XML, which could result in libvirt erroneously deleting
    the macvtap device of a different guest in the aftermath of
    failing to restart the guest on the destination host. Removing the
    autogenerated names avoids this.

975

Jiri Denemark's avatar
Jiri Denemark committed
976
v6.6.0 (2020-08-02)
977
978
979
980
===================

* **New features**

981
982
983
984
985
  * Allow configuring of ACPI NUMA HMAT

    Libvirt allows configuring ACPI Heterogeneous Memory Attribute Table to
    hint software running inside the guest on optimization.

986
987
988
989
990
991
  * esx: Add a ``type`` attribute for mac addresses.

    This attribute allows (when set to ``static``) ignoring VMWare checks of the
    MAC addresses that would generate a new one if they were in its OUI
    (00:0c:29).

992
993
994
995
996
997
  * conf: add control over COW for storage pool directories

    The storage pool code now attempts to disable COW by default on btrfs, but
    management applications may wish to override this behaviour. This is now
    possible via new ``cow`` element.

998

999
1000
* **Improvements**

1001
1002
1003
1004
1005
  * esx: Change the NIC limit for recent virtualHW versions

    Specifying a virtualHW version greater or equal to 7 (ESXi 4.0) will allow
    you to use up to 10 NICs instead of 4 as it was previously.

1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
  * qemu: Support encrypted TLS keys for NBD disks

    The secret key used for disks can now be encrypted similarly to TLS keys
    used for migration, chardev and others.

  * qemu: ``VIR_DOMAIN_EVENT_ID_BLOCK_THRESHOLD`` can now be registered for ``<mirror>``

    The event can now be used also for block copy destinations by using the
    index of the ``<mirror>`` image.

1016
1017
1018
1019
1020
1021
1022
1023
  * qemu: consider available CPUs in ``vcpupin/emulatorpin`` output

    This patch changes the default bitmap of ``vcpupin`` and ``emulatorpin``,
    in the case of domains with static vcpu placement, all available CPUs
    instead of all possible CPUs are returned making these APIs consistent with
    the behavior of ``vcpuinfo``.


1024
1025
* **Bug fixes**

1026
1027
1028
1029
1030
1031
1032
  * virdevmapper: Don't use libdevmapper to obtain dependencies

    When building domain's private ``/dev`` in a namespace, libdevmapper was
    consulted for getting full dependency tree of domain's disks. However, this
    meant that libdevmapper opened ``/dev/mapper/control`` which wasn't closed
    and was leaked to QEMU. CVE-2020-14339

1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
  * qemu: Report correct ``index`` in ``VIR_DOMAIN_EVENT_ID_BLOCK_THRESHOLD``

    Starting from libvirt 5.10 with QEMU 4.2 the
    ``VIR_DOMAIN_EVENT_ID_BLOCK_THRESHOLD`` event would report incorrect device
    ``index`` when reported for an image from the backing chain of a disk.

  * qemu: Don't fail active layer block commit or block copy in certain cases

    Starting from libvirt-6.5 an active layer block commit or a block copy could
    fail if the same destination was used more than once.
1043

1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
  * qemu: Don't change ownership of restore file

    When restoring a domain from a file, Libvirt no longer changes its ownership.

  * qemu: Set SPAPR TPM default to 2.0 and prevent 1.2 choice

    The firmware (SLOF) on QEMU for ppc64 does not support TPM 1.2, so prevent
    the choice of TPM 1.2 when the SPAPR device model is chosen and use a
    default of '2.0' (TPM 2) for the backend.

  * qemu: Do not set ``//cpu/@migratable`` for running domains

    Libvirt release of 6.4.0 started to fill the default value for
    ``//cpu/@migratable`` attribute according to QEMU support. However, active
    domains either have the migratable attribute already set or they were
    started with older Libvirt which doesn't support the attribute.


Daniel Veillard's avatar
Daniel Veillard committed
1062
v6.5.0 (2020-07-03)
1063
1064
1065
1066
===================

* **New features**

Michal Privoznik's avatar
Michal Privoznik committed
1067
1068
1069
1070
1071
1072
1073
1074
  * Allow firmware blobs configuration

    QEMU offers a way to tweak how firmware configures itself
    and/or provide new configuration blobs. New ``<sysinfo/>``
    type is introduced that will hold these new blobs.
    It's possible to either specify new value as a string or
    provide a filename which contents then serve as the value.

1075
1076
1077
1078
1079
1080
1081
  * nodedev: Add ability to create mediated devices

    Mediated devices can now be created with ``virNodeDeviceCreateXML()``. This
    functionality requires the ``mdevctl`` utility to be installed. The XML
    schema for node devices was expanded to support attributes for mediated
    devices.

1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
  * QEMU: add TPM Proxy device support

    libvirt can now create guests using a new device type called
    "TPM Proxy". The TPM Proxy connects to a TPM Resource Manager
    present in the host, enabling the guest to run in secure virtual
    machine mode with the help of an Ultravisor. Adding a TPM Proxy to
    a pSeries guest brings no security benefits unless the guest is
    running on a PPC64 host that has Ultravisor and TPM Resource Manager
    support. Only one TPM Proxy is allowed per guest. A guest using
    a TPM Proxy device can instantiate another TPM device at the same
    time. This device is supported only for pSeries guests via the new
    'spapr-tpm-proxy' model of the TPM 'passthrough' backend.

1095
1096
1097
1098
1099
1100
  * virhook: Support hooks placed in several files

    Running all scripts from directory /etc/libvirt/hooks/<driver>.d in
    alphabetical order. Hook script in old place will be executed
    as first for backward compatibility.

1101
1102
1103
1104
1105
1106
  * qemu: Add support for migratable host-passthrough CPU

    QEMU 2.12 made it possible for guests to use a migration-friendly
    version of the host-passthrough CPU. This feature is now exposed by
    libvirt.

1107
1108
* **Improvements**

1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
  * network: Support NAT with IPv6

    It's now possible to use ``<nat ipv6="yes"/>`` in a libvirt network.

  * qemu: Auto-fill NUMA information for incomplete topologies

    If the NUMA topology is not fully described in the guest XML, libvirt
    will complete it by putting all unspecified CPUs in the first NUMA node.
    This is only done in the QEMU binary itself supports disjointed CPU
    ranges for NUMA nodes.

  * qemu: Assign hostdev-backed interfaces to PCIe slots

    All SR-IOV capable devices are PCIe, so when their VFs are assigned to
    guests they should end up in PCIe slots rather than conventional PCI ones.

1125
1126
* **Bug fixes**

1127
1128
1129
1130
1131
  * qemu: fixed crash in ``qemuDomainBlockCommit``

    This release fixes a regression which was introduced in libvirt v6.4.0
    where libvirtd always crashes when a block commit of a disk is requested.

1132
1133
1134
1135
1136
  * qemu: fixed zPCI address auto generation on s390

    Removes the correlation between the zPCI address attributes uid and fid.
    Fixes the validation and autogeneration of zPCI address attributes.

1137
1138
1139
1140
1141
  * qemu: Skip pre-creation of NVMe disks during migration

    libvirt has no way to create NVMe devices on the target host, so it now
    just makes sure they exist and let the migration proceed in that case.

1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157

v6.4.0 (2020-06-02)
===================

* **New features**

  * qemu: Add support for pvscsi controllers

    pvscsi is the VMware paravirtualized SCSI controller, which has been
    supported in QEMU for a number of years.

  * cpu: Report model information for ARM CPUs

    ``virsh capabilities`` will now include information about the host CPU when
    run on ARM machines.

1158
1159
1160
1161
1162
1163
  * qemu: support network interface downscript

    QEMU has the ability to run a script when a NIC is brought up and down.
    Libvirt only enables use of the up script. Now add support for postscript
    when NIC is down/detached.

1164
1165
1166
1167
1168
1169
1170
1171
1172
* **Improvements**

  * qemu: stricter validation for disk type='lun'

    The 'lun' type is meant for SCSI command passthrough, which can't be
    achieved if qemu's block layer features are used. Disk type='lun' is now
    allowed only when the format is 'raw' and no other block layer features are
    requested.

1173
1174
1175
1176
1177
1178
1179
1180
  * qemu: auto-fill of incomplete NUMA topologies

    Domains with incomplete NUMA topologies, where the sum of vCPUs in all NUMA
    cells is less than the total of vCPUs, will get their first NUMA cell to
    be auto-filled with the remaining vCPUs. This behavior reproduces what QEMU
    already does in these cases. Users are encouraged to provide complete NUMA
    topologies to avoid unexpected changes in the domain XML.

1181
1182
  * Cooperlake x86 CPU model is added

1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
* **Bug fixes**

  * qemu: fixed regression in network device hotplug with new qemu versions

    Starting from QEMU-5.0 it's required to conform to strict schema when
    hotplugging network devices. Libvirt didn't conform to the schema so in
    versions prior to 6.4.0 network device hotplug fails in certain cases. This
    version fixes it and adds stricter testing to prevent further issues.

  * remote: Look up libxl driver correctly

    This makes ``xen://`` connection URIs usable in split daemon mode.

  * systemd: Start libvirtd after firewalld/iptables services

    This solves an issue where iptables rules and chains created by libvirtd
    would get removed by a service started after it.

  * network: Re-create iptables chains on firewalld restart

    firewalld resets all iptables rules and chains on restart, and this
    includes deleting those created by libvirt.

1206
1207
1208
1209
  * qemu: reject readonly attribute for virtiofs

    virtiofs does not yet support read-only shares.

1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220

v6.3.0 (2020-05-05)
===================

* **New features**

  * qemu: support disabling hotplug/unplug of PCIe devices

    libvirt can now set the "hotplug" option for pcie-root-ports and
    pcie-switch-downstream-ports, which can be used to disable hotplug/unplug
    of devices from these ports (default behavior is for these controllers to
1221
    accept all hotplug/unplug attempts, but this is often undesirable).
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259

  * vbox: added support for version 6.0 and 6.1 APIs

    libvirt can now support use of the VirtualBox 6.0 and 6.1 APIs. This is
    compile tested only, so we are looking for feedback from users on how well
    it works in practice.

  * xen: Add support for 'e820_host' hypervisor feature

    ``e820_host`` is a Xen-specific option only available for PV guests. When
    enabled it provides the guest with a virtual e820 memory map based on the
    host one. It must be enabled to allow hotplugging PCI devices to PV guests,
    particularly when memory ballooning is enabled.

  * xen: Add support for 'passthrough' hypervisor feature

    ``passthrough`` is a Xen-specific option new to Xen 4.13 that enables PCI
    passthrough for guests. It must be enabled to allow hotplugging PCI
    devices.

  * qemu: support async IO mode 'io_uring'

    Linux 5.1 introduces a fast and efficient async IO interface io_uring, then
    qemu implements that in version 5.0. It could be used in file, host device
    and host cdrom backend by ``io='io_uring'`` of disk XML.

  * Lease time option included for network DHCP settings

    Users can now configure expiry time for leases for networks where libvirt
    manages DHCP. The time can be specified for whole range and/or fine tuned
    per individual host.

  * qemu: Implement pSeries Spectre mitigation features

    Users can now setup the following capabilities of pSeries guests: CFPC
    (Cache Flush on Privilege Change), SBBC (Speculation Barrier Bounds
    Checking) and IBS (Indirect Branch Speculation).

Yanqiu Zhang's avatar
Yanqiu Zhang committed
1260
1261
1262
1263
1264
  * qemu: Add support for virtio packed option

    The ``packed`` attribute controls if QEMU should try to use packed
    virtqueues. Possible values are ``on`` or ``off``.

1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
* **Improvements**

  * qemu: Allow checkpoint redefine for offline VMs

    Skip the liveness and capability checks when redefining checkpoints as we
    don't need QEMU interactions to update the metadata.

  * daemons: Improve timeout handling

    Daemons now support ``--timeout 0`` which suppresses daemon killing after
    given time of inactivity.

  * qemu: Add support for 'multidevs' option

    This option prevents misbehaviours on guest if a QEMU 9pfs export contains
    multiple devices, due to the potential file ID collisions this otherwise
    may cause.

* **Bug fixes**

  * qemu: Various embed driver fixes

    When using shared resources from embed driver (e.g. hugepages, machined,
    etc.) libvirt now generates an unique handler that is not conflicting with
    other embed drivers or system or session daemons.

  * cpu: Distinguish Cascadelake-Server from Skylake-Server

    Libvirt now properly detects Cascadelake-Server and Skylake-Server
    processors which differ only in stepping.

  * qemu: Fix domain restore from a block device

    When using namespaces, libvirt was unable to restore a domain from a block
    device because libvirt tried to relabel the device inside the namespace
    while QEMU was given FD to the block device in the host.

  * node_device_udev: Handle move events

    Libvirt now handles ``move`` event which is emitted on a NIC rename.

  * qemu: Fix capabilities probing with TCG

    Libvirt no long assumes TCG is always available. It now detects whether
    QEMU supports TCG and reports it accordingly.

* **Removed features**

  * vbox: removed support for version 5.0 and 5.1 APIs

    libvirt no longer supports use of VirtualBox 5.0 and 5.1 since these
    versions reached their end of life on 2017/05 and 2018/04 respectively.


v6.2.0 (2020-04-02)
===================

* **New features**

  * qemu: NVDIMM support for pSeries guests

    QEMU 5.0 implements NVDIMM memory support for pSeries guests. This is done
    by adding an 'uuid' element in the memory XML, which can either be provided
    in the XML or, if omitted, generated automatically.

  * qemu: Add virtiofs support

    This feature, introduced in QEMU 4.2, is a more modern alternative to
    virtio-9p, which is exposed through the same ``<filesystem/>`` element.

  * admin: Support reloading TLS certificates

    After renewing TLS certificates, it was usually necessary to restart
    libvirtd for the new ones to be loaded: now the same result can be obtained
    without restarting the daemon by using ``virt-admin server-update-tls`` .

* **Removed features**

  * Removed support for INI style of comments

    With switching of our internal code to GLib, parsing of client
    authentication config files is handed over to GLib which does not support
    ``INI`` style of comments starting with a semicolon ( ``;`` ). Use number
    sign ( ``#`` ) instead.

* **Improvements**

  * qemu: Don't compare local and remote hostnames on migration

    This check was introduced to prevent same-host migration, but did not work
    as expected when multiple libvirtd instances were running on the same host
    but in different containers. With this release, the host UUID (which should
    be unique to the container) is checked instead.

  * qemu: Use per-VM event loops

    Instead of using a single even loop to process communication with the QEMU
    monitor and guest agent, create a separate one for each VM. This helps with
    scalability and prevents scenarios where a single malfunctioning VM could
    affect all those running on the same host.

  * qemu: Support migration with SLIRP helper interface

    With QEMU 5.0, a new D-Bus backend allows migration of external processes.
    When needed, libvirt will start a per-vm D-Bus bus, and migrate the
    slirp-helper along with QEMU.

* **Bug fixes**

  * qemu: Open backing chain late for shallow block copy reusing external
    images

    With introduction of -blockdev for QEMU storage configuration in
    libvirt-5.10 we've started opening the backing chain of the
    destination/mirror of a virDomainBlockcopy started with
    VIR_DOMAIN_BLOCK_COPY_REUSE_EXT | VIR_DOMAIN_BLOCK_COPY_SHALLOW flags when
    starting the job rather than when virDomainBlockJobAbort with
    VIR_DOMAIN_BLOCK_JOB_ABORT_PIVOT is issued. For users depending on this
    undocumented quirky pre-blockdev behaviour this caused a regression as the
    backing chain could not be modified while the copy of the top image was
    progressing due to QEMU image locking. Note that this fix also requires
    qemu-5.0 while -blockdev is used starting from QEMU-4.2.

  * Don't generate machine names containing dots

    Even though the guest name containing dots is not a problem for libvirt
    itself, we need to strip them out when registering with machined because of
    the latter's requirements.


v6.1.0 (2020-03-03)
===================

* **New features**

  * qemu: new rng backend type: builtin

    It implements qemu builtin rng backend. That uses getrandom syscall to
    generate random, no external rng source needed. Available since QEMU 4.2.

  * support for virtio+hostdev NIC <teaming>

    QEMU 4.2.0 and later, combined with a sufficiently recent guest virtio-net
    driver (e.g. the driver included in Linux kernel 4.18 and later), supports
    setting up a simple network bond device comprised of one virtio emulated
    NIC and one hostdev NIC (which must be an SRIOV VF). (in QEMU, this is
    known as the "virtio failover" feature). The allure of this setup is that
    the bond will always favor the hostdev device, providing better
    performance, until the guest is migrated - at that time QEMU will
    automatically unplug the hostdev NIC and the bond will send all traffic via
    the virtio NIC until migration is completed, then QEMU on the destination
    side will hotplug a new hostdev NIC and the bond will switch back to using
    the hostdev for network traffic. The result is that guests desiring the
    extra performance of a hostdev NIC are now migratable without network
    downtime (performance is just degraded during migration) and without
    requiring a complicated bonding configuration in the guest OS network
    config and complicated unplug/replug logic in the management application on
    the host - it can instead all be accomplished in libvirt with the interface
    <teaming> subelement "type" and "persistent" attributes.

  * support BR_ISOLATED flag for guest interfaces attached to a Linux host
    bridge

    Since Linux kernel 4.18, the Linux host bridge has had a flag BR_ISOLATED
    that can be applied to individual ports. When this flag is set for a port,
    traffic is blocked between that port and any other port that also has the
    BR_ISOLATED flag set. libvirt domain interface config now supports setting
    this flag via the <port isolated='yes'/> setting. It can also be set for
    all connections to a particular libvirt network by setting the same option
    in the network config - since the port for the host itself does not have
    BR_ISOLATED set, the guests can communicate with the host and the outside
    world, but guests on that network can't communicate with each other. This
    feature works for QEMU and LXC guests with interfaces attached to a Linux
    host bridge.

  * qemu: Introduce the 'armvtimer' timer type

    QEMU 5.0 introduces the ability to control the behavior of the virtual
    timer for KVM ARM/virt guests, and this new timer type exposes the same
    capability to libvirt users.

  * qemu: Storage configuration improvements

    Libvirt now accepts ``<backingStore type='volume'>`` and allows specifying
    the offset and size of the image format container inside the storage source
    via the ``<slices>`` subelement.

  * qemu: Introduce the 'tpm-spapr' TPM model

    This device, available starting from QEMU 5.0, is limited to pSeries
    guests.

Yanqiu Zhang's avatar
Yanqiu Zhang committed
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
  * qemu: support Panic Crashloaded event handling

    The pvpanic device now supports a 'crashloaded' event, which is emitted
    when a guest panic has occurred but has already been handled by the guest
    itself.

  * qemu: Implement virDomainGetHostnameFlags

    The ``--source`` argument to ``virsh domhostname`` can be used to specify
    what data source to use for the domain hostnames. Currently, in addition
    to the 'agent', libvirt can also use 'lease' information from dnsmasq to
    get the hostname.

1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
* **Improvements**

  * qemu: Image format probing is allowed in certain cases

    To resolve regressions when users didn't specify the backing image format
    in the overlay, libvirt now probes the format in certain secure scenarios
    which fixes a few common existing cases. Additionally the knowledge base
    was extended to provide more information on how to rectify the problem.

  * qemu: Support "dies" in CPU topology

    This CPU topology concept, new in QEMU 4.1.0, sits between the existing
    "socket" and "core".

  * libxl: Add support for Credit2 scheduler parameters

  * lxc: Add support LXC 3 network configuration format

* **Bug fixes**

  * conf: Do not generate machine names ending with a dash

    Recent systemd versions do not allow them.

* **Packaging changes**

  * use of gnulib has been completely eliminated

    Historically libvirt has embedded gnulib to provide fixes for various
    platform portability problems. This usage has now been eliminated and
    alternative approaches for platform portability problems adopted where
    required. This has been validated on the set of platforms covered by
    automated CI build testing. Other modern Linux distros using glibc are
    expected to work. Linux distros using non-glibc packages, and other
    non-Linux platforms may encounter regressions when building this release.
    Please report any build problems encountered back to the project
    maintainers for evaluation.


v6.0.0 (2020-01-15)
===================

* **Packaging changes**

  * support for python2 is removed

    Libvirt is no longer able to be built using the Python 2 binary. Python 3
    must be used instead.

  * docs: the python docutils toolset is now required

    The use of rst2html has been introduced for the website build process since
    docs are now being written in the RST as an alternative to HTML.

* **New features**

  * new PCI hostdev address type: unassigned

    A new PCI hostdev address type 'unassigned' is introduced. An unassigned
    PCI hostdev behaves like any regular PCI hostdev inside Libvirt, but it is
    not usable by the guest. This gives the user a new option to manage the
    binding of PCI devices via Libvirt, declaring PCI hostdevs in the domain
    XML but allowing just a subset of them to be assigned to the guest.

  * Provide init scripts for sub-deaemons

    So far libvirt shipped systemd unit files for sub-daemons. With this
    release, init scripts are available too. Package maintainers can choose
    which one to install via ``--with-init-script`` configure option.

  * qemu: Support cold-unplug of sound devices

  * qemu: Implement VIR_MIGRATE_PARAM_TLS_DESTINATION

    This flag, which can be enabled using ``virsh`` 's ``--tls-destination``
    option, allows migration to succeed in situations where there is a mismatch
    between the destination's hostname and the information stored in its TLS
    certificate.

  * qemu: Support reporting memory bandwidth usage stats

    Implement Intel RDT-MBM in libvirt. The stats can be obtained via ``virsh
    domstats --memory`` .

  * qemu: Allow accessing NVMe disks directly

    Before this release there were two ways to configure a NVMe disk for a
    domain. The first was using <disk/> with the <source/> pointing to the
    ``/dev/nvmeXXXX`` . The other was using PCI assignment via <hostdev/>
    element. Both have their disadvantages: the former adds latency of file
    system and block layers of the host kernel, the latter prohibits domain
    migration. In this release the third way of configuring NVMe disk is added
    which combines the advantages and drops disadvantages of the previous two
    ways. It's accessible via <disk type='nvme'/>.

* **Removed features**

  * 'phyp' Power Hypervisor driver removed

    The 'phyp' Power Hypervisor driver has not seen active development since
    2011 and does not seem to have any real world usage. It has now been
    removed.

* **Improvements**

  * qemu: xz save image compression is faster

    When using the xz format to compressed virtual machine saved state images,
    the "-3" compression level preset is now used. This results in slightly
    larger files, but with a massively reduced time to compress. The xz format
    offers the best compression level for saved state images, albeit still with
    the slowest running time. For the fastest possible running time, at cost of
    the larest compressed size, lzop should be used.

  * domain: Improve job stat handling

    It is now possible to retrieve stats for completed and failed jobs.

  * qemu: Don't hold monitor and agent job at the same time

    Before this change, a malicious (or buggy) ``qemu-guest-agent`` running in
    the guest could make other libvirt APIs unavailable for an unbounded amount
    of time.

* **Bug fixes**

  * qemu: Report error if backing image format is not specified explicitly

    For a long time libvirt was assuming that a backing file is RAW when the
    format was not specified. This didn't pose a problem until blockdev support
    was enabled in last release. Libvirt now requires that the format is
    specified in the image metadata or domain XML and the VM will refuse to
    start otherwise. Additionally the error message now links to the knowledge
    base which summarizes how to fix the images.

  * qemu: Fix non-shared storage migration over NBD

  * qemu: Generate a single MAC address for hotplugged network devices

    Since libvirt 4.6.0, when hotplugging a network device that didn't have a
    MAC address already assigned by the user, two separate addresses would be
    generated: one for the live configuration, which would show up immediately,
    and one for the inactive configuration, which would show up after the first
    reboot. This situation was clearly undesirable, so a single MAC address is
    now generated and used both for the live configuration and the inactive
    one.


v5.10.0 (2019-12-02)
====================

* **New features**

  * qemu: Introduce support for ARM CPU features

    The only features supported at the moment are SVE vector lengths, which
    were introduced in QEMU 4.2.0.

  * qemu: Support boot display for GPU mediated devices

    Until now, GPU mediated devices generally did not show any output until the
    guest OS had initialized the vGPU. By specifying the ``ramfb`` attribute,
    QEMU can be configured to use ramfb as a boot display for the device: this
    allows for display of firmware messages, boot loader menu, and other output
    before the guest OS has initialized the vGPU.

  * Add API to change the response timeout for guest agent commands

    By default, when a command is sent to the guest agent, libvirt waits
    forever for a response from the guest agent. If the guest is unresponsive
    for any reason, this can block the calling thread indefinitely. By setting
    a custom timeout using ``virDomainAgentSetResponseTimeout()`` , API users
    can change this behavior.

* **Improvements**

  * Devices CGroup v2 support

    Libvirt supported all controllers of CGroup v2 but the devices controller
    which is implemented in this release.

  * Cold plug of sound device

    The QEMU driver now can handle cold plug of ``<sound/>`` devices.

  * Probe for default CPU types

    With QEMU 4.2.0 we can probe for the default CPU model used by QEMU for a
    particular machine type and store it in the domain XML. This way the chosen
    CPU model is more visible to users and libvirt will make sure the guest
    will see the exact same CPU after migration.

  * Adaptation to qemu's blockdev

    QEMU introduced a new way of specifying disks on the command line which
    enables fine-grained control over the block stack. Libvirt has adapted to
    this.

* **Refactors**

  * More GLib integration

    More patches were merged that replace our internal functions with GLib
    ones. Also some effort was invested in replacing gnulib modules with GLib
    functions.

  * Rewrite of Perl scripts into Python

    Libvirt used Perl scripts to check for coding style, generate some code and
    things like that. To bring the number of languages used down, these scripts
    were rewritten into Python.

* **Bug fixes**

  * Warn verbosely if using old loader:nvram pairs

    Some distributions still use ``--with-loader-nvram`` or ``nvram`` variable
    in qemu.conf. This is now discouraged in favour of FW descriptors. However,
    instead of silently ignoring user's config, libvirt warns if outdated
    config is detected.

  * Drop pconfig from Icelake-Server CPU model

    The pconfig feature was enabled in QEMU by accident in 3.1.0. All other
    newer versions do not support it and it was removed from the Icelake-Server
    CPU model in QEMU.

  * Wait longer for device removal confirmation on PPC64

    After sending device hot unplug request to QEMU, libvirt waits up to 5
    seconds for qemu to confirm the device removal. On some architectures (like
    PPC64) this can take longer time and libvirt now reflects that.

  * Forcibly create nodes in domain's namespace

1705
    The QEMU driver starts a domain in a namespace with private ``/dev`` and
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
    creates only those nodes there which the domain is configured to have.
    However, it may have happened that if a node changed its minor number this
    change wasn't propagated to the namespace.

  * Various AppArmor bugfixes

    The AppArmor driver now knows how to handle ``<shmem/>`` devices and also
    snapshotting more disks at once.

  * Improved video model autoselection

    If a graphics device was added to XML that had no video device, libvirt
    automatically added a video device which was always of type 'cirrus' on
    x86_64, even if the underlying qemu didn't support cirrus. Libvirt now
    bases the decision on qemu's capabilities.


v5.9.0 (2019-11-05)
===================

* **Packaging changes**

  * Start linking against GLib and using its features

    Up until now, libvirt has been dealing with platform portability and the
    lack of certain features in libc by using gnulib and implementing its own
    functions and data structures respectively; going forward, it will prefer
    the facilities offered by GLib instead.

  * Stop distributing generated documentation

    Most downstreams already patch the libvirt source to some extent, so this
    change will probably not affect them.

  * Rewrite several Perl scripts in Python

    Phasing out Perl usage is part of the project strategy.

* **New features**

  * qemu: Introduce a new video model of type 'ramfb'

    Introduce a new video model type to the domain XML that supports the
    ``ramfb`` standalone device in qemu.

  * qemu: Implement the ccf-assist pSeries feature

    Users can now decide whether ccf-assist (Count Cache Flush Assist) support
    should be available to pSeries guests.

  * Xen: Support specifying ACPI firmware path

    The libxl driver now supports specifying an ACPI firmware path using the
    ``acpi`` element.

  * qemu: Support specifying resolution for video devices

* **Removed features**

  * logging: Drop support for including stack traces

    This feature was intended to aid debugging, but in practice it resulted in
    logs that were too verbose to be useful and also resulted in a significant
    performance penalty.

* **Improvements**

  * qemu: Implement CPU comparison/baseline on s390x

    This functionality has been historically limited to x86_64, but it's now
    available on s390x too.

* **Bug fixes**

  * lib: autostart objects exactly once

    If libvirtd or any of the sub-daemons is started with socket activation
    then objects might be autostarted more than once. For instance, if a domain
    under ``qemu:///session`` URI is mark as autostarted and the session daemon
    is started then the domain is started with it. If user shuts the domain
    down and the session daemon is started again, the user's wish to keep the
    domain shut off is ignored and the domain is autostarted again. This is now
    fixed.

  * qemu: Properly advertise bochs-display availability

    Support for ``bochs-display`` was introduced in libvirt 5.6.0, but until
    now the model was not listed in the domain capabilities.

  * security: Don't remember labels for TPM devices

    Due to the way they're implemented in the kernel, trying to remember labels
    for TPM devices makes it impossible to use them.

  * security: Properly rollback after failure in a stacked driver

    When multiple security drivers are involved, failure in one of them would
    result in only the corresponding changes being rolled back, leaving the
    ones performed by drivers that had been activated earlier in place. All
    changes are rolled back now.

  * Fix build with musl libc

  * Improve compatibility with non-bash shells


v5.8.0 (2019-10-05)
===================

* **New features**

  * qemu: Support use of precreated tap/macvtap devices by unprivileged
    libvirtd

    It is now possible for an unprivileged libvirtd to make use of tap and
    macvtap devices that were previously created by some other entity. This is
    done by setting ``managed='no'`` along with the device name in the
    ``target`` subelement of ``<interface type='ethernet'>`` .

  * qemu: Support vhost-user-gpu

    Support for running virtio GPUs in separate processes with vhost-user
    backend. It requires QEMU newer than 4.1.

  * Introduce virConnectSetIdentity API

    When split daemons are in use, this API is used to forward uid, gid and
    SELinux info from ``virproxyd`` to other driver daemons such as
    ``virtqemud`` .

* **Improvements**

  * qemu: Support running SLIRP networking in a separate process

    User can configure the slirp-helper path in ``qemu.conf`` . It will start a
    slirp-helper process to provide SLIRP networking when the VM is started
    with network interface "user". That will allow stricter security policies
    for QEMU SLIRP network.

* **Removed features**

  * Remove xenapi driver

    The xenapi driver is removed since it has not received any significant
    development since its initial contribution nine years ago and has no known
    user base.


v5.7.0 (2019-09-03)
===================

* **New features**

  * qemu: Support Direct Mode for Hyper-V Synthetic timers

    The QEMU driver now supports Direct Mode for Hyper-V Synthetic timers for
    Hyper-V guests.

  * lib: Add virDomainGetGuestInfo()

    This API is intended to aggregate several guest agent information queries
    and is inspired by stats API ``virDomainListGetStats()`` . It is
    anticipated that this information will be provided by a guest agent running
    within the domain. It's exposed as ``virsh guestinfo`` .

  * Experimental split of libvirtd into separate daemons

    The big monolithic libvirtd daemon can now be replaced by smaller
    per-driver daemons. The new split daemons are considered experimental at
    this time and distributions are encouraged to continue using the
    traditional libvirtd by default.

  * qemu: Support kvm-hint-dedicated performance hint

    With ``<hint-dedicated state='on'/>`` and ``<cpu
    mode='host-passthrough'/>`` , it allows a guest to enable optimizations
    when running on dedicated vCPUs. QEMU newer than 2.12.0 and kernel newer
    than 4.17 are required.

* **Removed features**

  * Remove KVM assignment support

    The KVM style of PCI device assignment was removed from the kernel in
    version 4.12.0 after being deprecated since 4.2.0. Libvirt defaults to VFIO
    for a long time. Remove support for KVM device assignment from libvirt too.

  * libxml: min required libxml is now 2.9.1

    Support for building with libxml versions older than 2.9.1 has been
    dropped.

* **Improvements**

  * virsh: Support setting bandwidth in migrate subcommand

    In addition to postcopy bandwidth, the ``virsh migrate`` subcommand now
    supports specifying precopy bandwidth with the ``--bandwidth`` parameter.

  * libxl: Implement domain metadata getter/setter

    The libxl driver now supports ``virDomainGetMetadata()`` and
    ``virDomainSetMetadata()`` APIs.

  * test driver: Expand API coverage

    Additional APIs have been implemented in the test driver.

  * Report RNG device in domain capabilities XML

    Libvirt now reports if RNG devices are supported by the underlying
    hypervisor in the domain capabilities XML.

  * Stop linking NSS plugins with libvirt.so

    This reduces the amount of code and 3rd party libraries are that loaded
    into all processes.

  * Split the setuid virt-login-shell binary into two pieces

    The setuid virt-login-shell binary is now a tiny shim that sanitizes the
    process execution environment variables and arguments, before launching the
    trusted virt-login-shell-helper binary.

  * qemu: Allow migration with disk cache on

    When QEMU supports flushing caches at the end of migration, we can safely
    allow migration even if ``disk/driver/@cache`` is neither ``none`` nor
    ``directsync`` .

* **Bug fixes**

  * Various security label remembering fixes

    In the previous release libvirt introduced remembering of original owners
    and SELinux labels on files. However, the feature did not work properly
    with snapshots, on migrations or on network filesystems. This is now fixed.

  * Allow greater PCI domain numbers

    Libvirt used to require PCI domain number to be not greater than 0xFFFF.
    The code was changed to allow 32 bits long numbers.

  * Various D-Bus fixes

    When D-Bus is not available, libvirt was reporting random errors. These are
    now gone.

  * Prefer read-only opening of PCI config files

    When enumerating PCI bus, libvirt opens config files under ``sysfs`` mount
    and parses them to learn various aspects of the device (e.g. its
    capabilities). Only in a very limited number of cases it is actually
    writing into the file. However, it used to open the file also for writing
    even if it was only reading from it.

  * Fix AppArmor profile

    Since the ``5.6.0`` release, libvirt uses ``procfs`` to learn the list of
    opened file descriptors when spawning a command. However, our AppArmor
    profile was not allowing such access.

  * Don't block storage driver when starting or building a pool

    Starting or building a storage pool can take a long time to finish. During
    this time the storage driver was blocked and thus no other API involving
    the storage driver could run. This is now fixed.


v5.6.0 (2019-08-05)
===================

* **New features**

  * qemu: Introduce a new video model of type 'bochs'

    Introduce a new video model type that supports the ``bochs-display`` device
    that was added in qemu version 3.0.

  * api: new virDomainCheckpoint APIs

    Introduce several new APIs for creating and managing checkpoints in the
    test and qemu drivers (the latter requires qcow2 images). Checkpoints serve
    as a way to tell which portions of a disk have changed since a point in
    time.

  * qemu: Add support for overriding max threads per process limit

    systemd-based systems impose a limit on the number of threads a process can
    spawn, which in some cases can be exceeded by QEMU processes running VMs.
    Add a ``max_threads_per_process`` option to qemu.conf to override the
    system default.

  * Remember original owners and SELinux labels of files

    When a domain is starting up libvirt changes DAC and SELinux labels so that
    domain can access it. However, it never remembered the original labels and
    therefore the file was returned back to ``root:root`` . With this release,
    the original labels are remembered and restored properly.

  * network: Allow passing arbitrary options to dnsmasq

2008
    This works similarly to the existing support for passing arbitrary options
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
    to QEMU, and just like that feature it comes with no support guarantees.

* **Remov