Changes since 1.11.0:

!232  virtio-fs/virtiofsd!232  Force-call DESTROY on INIT    
!231  virtio-fs/virtiofsd!231  Add "separate-options" capability to mark that new-style options can be used    
!230  virtio-fs/virtiofsd!230  Do not require --shared-dir to print capabilities    
!229  virtio-fs/virtiofsd!229  Enable notification on vring failure

Changes since 1.10.1:

!225  Add '--shared-dir' as required if '-o' is missing                                    
!224  Close the listener in the parent process                                             
!223  Check if both the socket parent directory and shared directory exist           
!222  deps: Bump syslog version                                                                 
!221  Increase maximum virtqueue size to 32768                                                        
!218  Hide clippy warning in readdir                                                 
!217  Remove redundant Result imports                                                    
!216  deps: Bump vhost and vhost-user-backend versions                                          
!215  Allow the user to specify --uid-map and --gid-map multiple times                     
!214  Fix new compiler and clippy warnings                                                     
!206  Migration                                                                                   
!204  Directly write uid/gidmap where possible                                                         
!199  Introduce allow-mmap flag

Changes since 1.10.0:
!212 (merged) Fix mandatory user namespaces

This release includes some bug fixes in our dependencies, and add support for up to 509 mem slots. Specifically, we update the dependencies to:

vhost-user-backend 0.13.1
vhost 0.10.0
vm-memory 0.14.0
virtio-queue 0.11.0
vmm-sys-util 0.12.1

The vmm-sys-utils update fixes an out-of-bounds memory access that could lead to a security vulnerability. And the vhost-user-backend, adds
support for 509 mem slots, and includes few bug fixes, among them, some required for our live migration support.
It also includes:
!207 (merged) Don't drop supplemental groups if /proc/self/setgroups contains "deny"

Changes since 1.8.0:

!208 Update rust-vmm dependencies
!203 Remove panic if newuidmap/newgidmap are missing
!202 README: Add guidance for adding to qemu cmdlines
!200 seccomp: allow `fstatfs64` syscall on powerpc64
!196 passthrough: Compare lowercase cache policy identifiers
!187 Support for xen vhost frontend
!176 Renaming the interop json file

Changes since 1.7.2:
!193 (merged) README: Use memfd for qemu by default    
!192 (merged) seccomp: Enable getrandom() syscall    
!173 (merged) Add a new cache policy Metadata

This is a minor fix for the v1.7.1 release, it just adds the -V/--version options

Changes since 1.7.0:

!188 Update vhost-user-backend: Fix used idx    
!186 Implement `Copy` in `SandboxMode`    
!185 Use `name_to_handle_at()` to get the mount id    
!184 oslib: Mark `writev_at()` as unsafe    
!180 Fix missing license header    
!178 virtiofsd: migrate from structopt to clap v4

Changes since 1.6.1:

!177  Downgrade env_log crate to remove binary dependencies    
!175  Upgrade rust-vmm dependencies    
!174  Allow to provide the same argument multiple times    
!172  passthrough: add KEEP_CACHE flag for directory file when cache=always    
!170  seccomp: Allow SYS_sched_yield    
!169  Fix cache timeouts    
!168  Refactor FUSE bitmask constants    
!167  passthrough: open mountinfo proc file in case we readlly need    
!166  add support for loongarch64    
!165  write: track dirty pages on `write()`    
!164  Prevent EPERM failures with O_NOATIME    
!162  Make Reader and Writer generic over bitmap    
!160  Add supplementary group extension support

Changes since v1.6.0:

!161 server: remove buffer size check for read/write
!159 Don't use unshare(CLONE_FS) when not threaded

Changes since v1.5.1:

!137 enabling a non-root user to set the UID/GID mappings inside a sandbox
!153 Fix musl SIGSYS due to missing seccomp filter
!155 Fix clippy warnings
!154 Announce submounts by default
!156 Remove unsupport syscall in linux/riscv64
!157 seccomp: fix support for ppc64le

Changes since v1.5.0:
    
!150  Bump dependencies version                                (main) ← (upd-libc)
!149  Fix clippy warnings                                      (main) ← (fix-clippy-warnings)
!146  Remove `security.capability` even if the file was op...  (main) ← (fix-setattr-xattrmap)

Changes since v1.4.0:

!144  seccomp: Allow `SYS_sigreturn` for s390x                 (main) ← (fix-s390x-crash)
!143  passthrough: Set `RWF_APPEND` on non-cached writes o...  (main) ← (fix-append-mmap)
!142  keep `DAC_OVERRIDE` after changing the uid/gid           (main) ← (fix-supgroup)
!141  passthrough: Replace `openat(2)` with `openat2(2)`       (main) ← (feat-openat2)
!140  Keep DAC_READ_SEARCH on setxattr with posix acl          (main) ← (fix-setxattr-w-filehandles)
!139  Bump rust-vmm crates dependencies                        (main) ← (update-rust-vmm)
!138  descriptor_utils: Remove unnecessary deref               (main) ← (fix-clippy-warn)
!136  sandbox: Allow non-root users run the daemon without...  (main) ← (sandbox-none-non-root)
!135  Add `umask(2)` safe wrapper                              (main) ← (ref-safe-umask)
!134  Add command line documentation details                   (main) ← (fix-cmdline-doc)
!133  Add missing license file header       ...

Changes since v1.3.0:

!127  Adds safe versions of `libc::mount()` and `libc::u...  (main) ← (ref-wrap-unsafe-mount)
!118  sandbox: Move parent process code inside sandbox       (main) ← (refactor-parent-sandbox)
!126  Update virtio-queue and vhost-user-backend deps        (main) ← !(update-deps)
!117  sandbox: Fix PR_SET_PDEATHSIG race condition           (main) ← (fix-fork-prctl-rc)
!102  Add capability to create security context (SELinux...  (main) ← (security-label)
!113  Log the errno error description on debug               (main) ← (fix-errmsg)
!125  Fix nightly clippy derive_partial_eq_without_eq wa...  (main) ← (fix-clippy-warn)
!124  Fixes failed open mount point when using file hand...  (main) ← (fix-fh-chroot)
!114  server: Reply FUSE_INIT_EXT on FUSE_INIT               (main) ← (fix-initext)

Changes since v1.1.0:

!112  Replace deprecated MAX with the associated constan...  (main) ← (fix-depr)
!111  Fix st_mode of . and .. directories in readdirplus     (main) ← (fix-readdirplus)
!110  Allow only one daemon to bind the socket               (main) ← (sckex)
!109  Update inode file handles documentation                (main) ← (doc_fh)
!108  Log the FUSE opcode name and inode on debug            (main) ← (opcode_name)
!107  Fix daemon startup with new glibc versions (>=2.35)    (main) ← (ps-allow-rseq)
!106  Switch to building statically linked binaries for ...  (main) ← (static_build)
!105  Do not call setgroups() for unprivileged user name...  (main) ← (no-setgroups-unpriv-namespace)
!104  Increment the rlimit_nofile for all sandbox modes      (main) ← (rlimit_nofile)
!103  Expand "map" type rule                                 (main) ← (fix_map_type)
!101  Set the number of written bytes for used descs         (main) ← (used-len)
!100  Add (and prefer) “prefer” alias to --inode-file-ha...  (main) ← (file-handles-prefer-alias)
!99   Add statx musl support                                 (main) ← (musl-static)
!98   Set edition to 2018 in rustfmt.toml and update som...  (main) ← (update-deps)
!97   Extend the documentation                               (main) ← (ext_doc)
!96   Check whether the root’s file handle is usable         (main) ← (check-root-nodes-handle)
!95   Add posix ACLs support                                 (main) ← (posix_acl)
!94   virtiofsd: Add capability to handle extended fuse ...  (main) ← (fuse-init-ext)
!92   Setxattr:  get the correct structure based on whet...  (main) ← (srvst)
!91   vhost_user_backend: Remove nested RwLock               (main) ← (backend-no-mut)
!88   passthrough: Use application-specific inode storage    (main) ← (inode-store)
!87   process_queue_pool: Only acquire the VringMutex lo...  (main) ← (pool-lock-once)
!86   Modify the list of enabled capabilities from the c...  (main) ← (modcaps)
!84   passthrough: Reset config on FUSE_DESTROY              (main) ← (reset-bools)
!82   passthrough: Fix InodeData reference counting          (main) ← (fix-25)
!80   Parent exits with signal received by child             (main) ← (issue_21)

Changes since v1.0.0:
- xattr mapping add a new type "unsupported" (!67)
- sandbox: Support combining --rlimit-nofile and --sandbox=chroot (!65)
- sandbox: Propagate exit code from child to parent (!64)
- xattrmap: Fix documentation for type "map" (!68)
- Adds compatibility options (!61)
- Replace crate seccomp-sys with libseccomp-sys (!71)
- Drop membership of all supplementary groups (CVE-2022-0358) (!77)
- Adds killpriv_v2/no_killpriv_v2 options (!62)

First stable release.