-
v1.11.1 Release: v1.11.1
Changes since 1.11.0: !232 virtio-fs/virtiofsd!232 Force-call DESTROY on INIT !231 virtio-fs/virtiofsd!231 Add "separate-options" capability to mark that new-style options can be used !230 virtio-fs/virtiofsd!230 Do not require --shared-dir to print capabilities !229 virtio-fs/virtiofsd!229 Enable notification on vring failure
-
v1.11.0 Release: v1.11.0
Changes since 1.10.1: !225 Add '--shared-dir' as required if '-o' is missing !224 Close the listener in the parent process !223 Check if both the socket parent directory and shared directory exist !222 deps: Bump syslog version !221 Increase maximum virtqueue size to 32768 !218 Hide clippy warning in readdir !217 Remove redundant Result imports !216 deps: Bump vhost and vhost-user-backend versions !215 Allow the user to specify --uid-map and --gid-map multiple times !214 Fix new compiler and clippy warnings !206 Migration !204 Directly write uid/gidmap where possible !199 Introduce allow-mmap flag
-
v1.10.0 Release: v1.10.0
This release includes some bug fixes in our dependencies, and add support for up to 509 mem slots. Specifically, we update the dependencies to: vhost-user-backend 0.13.1 vhost 0.10.0 vm-memory 0.14.0 virtio-queue 0.11.0 vmm-sys-util 0.12.1 The vmm-sys-utils update fixes an out-of-bounds memory access that could lead to a security vulnerability. And the vhost-user-backend, adds support for 509 mem slots, and includes few bug fixes, among them, some required for our live migration support. It also includes: !207 (merged) Don't drop supplemental groups if /proc/self/setgroups contains "deny"
-
v1.9.0 Release: v1.9.0
Changes since 1.8.0: !208 Update rust-vmm dependencies !203 Remove panic if newuidmap/newgidmap are missing !202 README: Add guidance for adding to qemu cmdlines !200 seccomp: allow `fstatfs64` syscall on powerpc64 !196 passthrough: Compare lowercase cache policy identifiers !187 Support for xen vhost frontend !176 Renaming the interop json file
-
v1.7.1 Release: v1.7.1
Changes since 1.7.0: !188 Update vhost-user-backend: Fix used idx !186 Implement `Copy` in `SandboxMode` !185 Use `name_to_handle_at()` to get the mount id !184 oslib: Mark `writev_at()` as unsafe !180 Fix missing license header !178 virtiofsd: migrate from structopt to clap v4
-
v1.7.0 Release: v1.7.0
Changes since 1.6.1: !177 Downgrade env_log crate to remove binary dependencies !175 Upgrade rust-vmm dependencies !174 Allow to provide the same argument multiple times !172 passthrough: add KEEP_CACHE flag for directory file when cache=always !170 seccomp: Allow SYS_sched_yield !169 Fix cache timeouts !168 Refactor FUSE bitmask constants !167 passthrough: open mountinfo proc file in case we readlly need !166 add support for loongarch64 !165 write: track dirty pages on `write()` !164 Prevent EPERM failures with O_NOATIME !162 Make Reader and Writer generic over bitmap !160 Add supplementary group extension support
-
v1.6.0 Release: v1.6.0
Changes since v1.5.1: !137 enabling a non-root user to set the UID/GID mappings inside a sandbox !153 Fix musl SIGSYS due to missing seccomp filter !155 Fix clippy warnings !154 Announce submounts by default !156 Remove unsupport syscall in linux/riscv64 !157 seccomp: fix support for ppc64le
-
v1.5.0 Release: v1.5.0
Changes since v1.4.0: !144 seccomp: Allow `SYS_sigreturn` for s390x (main) ← (fix-s390x-crash) !143 passthrough: Set `RWF_APPEND` on non-cached writes o... (main) ← (fix-append-mmap) !142 keep `DAC_OVERRIDE` after changing the uid/gid (main) ← (fix-supgroup) !141 passthrough: Replace `openat(2)` with `openat2(2)` (main) ← (feat-openat2) !140 Keep DAC_READ_SEARCH on setxattr with posix acl (main) ← (fix-setxattr-w-filehandles) !139 Bump rust-vmm crates dependencies (main) ← (update-rust-vmm) !138 descriptor_utils: Remove unnecessary deref (main) ← (fix-clippy-warn) !136 sandbox: Allow non-root users run the daemon without... (main) ← (sandbox-none-non-root) !135 Add `umask(2)` safe wrapper (main) ← (ref-safe-umask) !134 Add command line documentation details (main) ← (fix-cmdline-doc) !133 Add missing license file header ...
-
v1.4.0 Release: v1.4.0
Changes since v1.3.0: !127 Adds safe versions of `libc::mount()` and `libc::u... (main) ← (ref-wrap-unsafe-mount) !118 sandbox: Move parent process code inside sandbox (main) ← (refactor-parent-sandbox) !126 Update virtio-queue and vhost-user-backend deps (main) ← !(update-deps) !117 sandbox: Fix PR_SET_PDEATHSIG race condition (main) ← (fix-fork-prctl-rc) !102 Add capability to create security context (SELinux... (main) ← (security-label) !113 Log the errno error description on debug (main) ← (fix-errmsg) !125 Fix nightly clippy derive_partial_eq_without_eq wa... (main) ← (fix-clippy-warn) !124 Fixes failed open mount point when using file hand... (main) ← (fix-fh-chroot) !114 server: Reply FUSE_INIT_EXT on FUSE_INIT (main) ← (fix-initext)
-
v1.2.0 Release: v1.2.0
Changes since v1.1.0: !112 Replace deprecated MAX with the associated constan... (main) ← (fix-depr) !111 Fix st_mode of . and .. directories in readdirplus (main) ← (fix-readdirplus) !110 Allow only one daemon to bind the socket (main) ← (sckex) !109 Update inode file handles documentation (main) ← (doc_fh) !108 Log the FUSE opcode name and inode on debug (main) ← (opcode_name) !107 Fix daemon startup with new glibc versions (>=2.35) (main) ← (ps-allow-rseq) !106 Switch to building statically linked binaries for ... (main) ← (static_build) !105 Do not call setgroups() for unprivileged user name... (main) ← (no-setgroups-unpriv-namespace) !104 Increment the rlimit_nofile for all sandbox modes (main) ← (rlimit_nofile) !103 Expand "map" type rule (main) ← (fix_map_type) !101 Set the number of written bytes for used descs (main) ← (used-len) !100 Add (and prefer) “prefer” alias to --inode-file-ha... (main) ← (file-handles-prefer-alias) !99 Add statx musl support (main) ← (musl-static) !98 Set edition to 2018 in rustfmt.toml and update som... (main) ← (update-deps) !97 Extend the documentation (main) ← (ext_doc) !96 Check whether the root’s file handle is usable (main) ← (check-root-nodes-handle) !95 Add posix ACLs support (main) ← (posix_acl) !94 virtiofsd: Add capability to handle extended fuse ... (main) ← (fuse-init-ext) !92 Setxattr: get the correct structure based on whet... (main) ← (srvst) !91 vhost_user_backend: Remove nested RwLock (main) ← (backend-no-mut) !88 passthrough: Use application-specific inode storage (main) ← (inode-store) !87 process_queue_pool: Only acquire the VringMutex lo... (main) ← (pool-lock-once) !86 Modify the list of enabled capabilities from the c... (main) ← (modcaps) !84 passthrough: Reset config on FUSE_DESTROY (main) ← (reset-bools) !82 passthrough: Fix InodeData reference counting (main) ← (fix-25) !80 Parent exits with signal received by child (main) ← (issue_21)
-
v1.1.0
Changes since v1.0.0: - xattr mapping add a new type "unsupported" (!67) - sandbox: Support combining --rlimit-nofile and --sandbox=chroot (!65) - sandbox: Propagate exit code from child to parent (!64) - xattrmap: Fix documentation for type "map" (!68) - Adds compatibility options (!61) - Replace crate seccomp-sys with libseccomp-sys (!71) - Drop membership of all supplementary groups (CVE-2022-0358) (!77) - Adds killpriv_v2/no_killpriv_v2 options (!62)