Tags: cloud-hypervisor/cloud-hypervisor
Tags
v52.0 This release has been tracked in [v52.0 group](https://github.com/orgs/cloud-hypervisor/projects/6/views/6?filterQuery=release%3A%22Release+52%22) of our [roadmap project](https://github.com/orgs/cloud-hypervisor/projects/6/). Security Fixes -------------- This release fixes a use-after-free vulnerability in the `virtio-block` async I/O completion path (#8220). Details can be found in GHSA-f47p-p25q-83rh (CVE-2026-45782). Confidential VM Support: KVM SEV-SNP ------------------------------------ AMD SEV-SNP confidential VMs can now be launched on KVM in addition to MSHV. Cloud Hypervisor uses `guest_memfd` to back private memory and loads an IGVM-packaged firmware (e.g. Oak stage0) to bring up an SEV-SNP guest on real hardware (#7942). Measured-boot support has been completed for KVM SEV-SNP guests, bringing parity with the QEMU launch flow: the kernel, command line, and initrd are reflected in the launch measurement, and a signed SNP ID block can be passed so the guest (or a remote attestor) can verify the launch (#8123). VFIO Device Passthrough via `iommufd` and `vfio-cdev` ---------------------------------------------------- Cloud Hypervisor now supports the modern Linux VFIO device-access model based on the `iommufd` subsystem and per-device `vfio-cdev` character devices (available since Linux v6.6). This unlocks the advanced IOMMU features exposed by modern hardware and enables fully accelerated IOMMU support inside the guest. The legacy `container/group`-based path continues to be supported (#7981). In addition, several VFIO/PCI improvements have landed: * A new `host_mmap_bars` option allows selective mapping of VFIO BARs into the guest, so devices that expose registers that should not be fast-pathed can be selectively trapped (#7991). * Sub-page VFIO BARs are now expanded to a full page for `mmap()`, avoiding spurious failures on devices with small BARs (#7939). * `VfioMsix::cap` and `VfioMsix::bar` are now kept synchronized to avoid stale MSI-X state (#7993). * VFIO MMIO regions are now reliably cleared in `DeviceManager::drop` (#8063). * Deferred PCI BAR reprogramming state is now part of the saved device state (#7945). * GSIs for MSI/MSI-X interrupt vectors are now allocated lazily, reducing GSI consumption for VMs with many devices (#7940). Multi-Connection TCP Live Migration ----------------------------------- The `send-migration` HTTP command now accepts a `connections` parameter (defaults to `1`) that controls how many parallel TCP connections are used for the live migration data transfer. On servers with high-bandwidth (e.g. 100G) network links, multiple connections significantly increase migration throughput (#7669). Userfaultfd Demand-Paged Snapshot Restore ----------------------------------------- A new `memory_restore_mode` option on the restore path allows guest memory to be populated lazily via `userfaultfd` instead of reading the entire memory snapshot before the VM resumes. This dramatically reduces restore-to-resume latency for large guests, at the cost of faulting pages in on demand after resume (#7800). Configurable PCI BDFs for Devices ---------------------------------- Users now can configure the PCI slot/device number, the middle part of the PCI BDF, through the CLI and API; bus and function remain fixed at `0`. This covers virtio devices (except balloon), VFIO devices, vfio-user device, and generic vhost-user devices (#8175, #7965, #8174, #8163). AIO Block Backend `write_zeroes` and `punch_hole` Support --------------------------------------------------------- The AIO block backend now implements `write_zeroes` and `punch_hole`, fixing a v51.0 regression that affected guests on hosts with `io_uring` disabled (e.g. RHEL 9 / CentOS Stream 9, where `kernel.io_uring_disabled=2` is a common hardening default) (#7817). Asynchronous QCOW2 Backend with `io_uring` ----------------------------------------- A new `QcowDiskAsync` backend uses `io_uring` for data I/O on QCOW2 images and is automatically selected when `io_uring` is available (falling back to the synchronous backend otherwise). Each virtio queue gets its own ring and its own duplicated file descriptor, enabling parallel data I/O across queues; QCOW2 metadata is shared behind an `Arc<RwLock<_>>` (#7882). Generic `vhost-user` Device Support ----------------------------------- A new generic `vhost-user-generic` device type has been added. All information about the device (number of queues, queue size, feature bits, etc.) is provided to Cloud Hypervisor via the command line or API, allowing arbitrary vhost-user backends to be attached without device-type-specific support in the VMM (#7221). Core Scheduling for vCPU Threads -------------------------------- A new `core_scheduling` option on `--cpus` controls how vCPU threads are placed on SMT siblings via the kernel's core-scheduling feature, which is useful for mitigating cross-thread side-channel attacks without disabling SMT outright. Three modes are supported: `vm` (default — all vCPU threads share one cookie), one-cookie-per-vCPU, and a configurable grouping mode (#7747). Snapshot/Restore and Live Migration Improvements ----------------------------------------------- * Snapshot and restore now treat the memory backing file as a sparse file: on snapshot the backing FD is sought with `SEEK_DATA`/`SEEK_HOLE` to skip unallocated regions, and on restore the on-disk file is read as sparse. Pages the guest never touched remain as holes in the backing file, substantially reducing both snapshot size and restore time (#8113). * Paused VMs can now be migrated (#8099). * User-configurable downtime and timeout parameters for live migration (#7835), and improved downtime observability (#7979). * A new option to automatically resume the VM on restore, useful when restoring from the VMM command line without an API socket (#7857). * Snapshot/restore support for `vhost-user` devices has been filled out (#7908), including migration support for `virtio-fs` (#7937). * Vsock connections are now reset on snapshot restore to avoid stale half-open connections on the guest side (#7958). * The KVM clock is now restored before vCPUs are resumed (#7932), and `notify_guest_clock_paused` is called for Hyper-V guests (#7933), eliminating clock jumps observed after restore. * `vhost-user` devices receive a guest interrupt on resume so that in-flight I/O is not stalled across pause/resume (#7851), and activated queue eventfds are signaled on resume for all virtio devices (#8004). * `UFFDIO_WAKE` and `UFFD_FEATURE_MISSING_HUGETLBFS` are now handled correctly (#8016). New Command-Line and API Options -------------------------------- * `--no-shutdown` keeps the VMM process running when the guest triggers a shutdown. This is useful for higher-level management layers that need full control over the VMM process (#8025). * fw_cfg now supports inline string items via `--fw-cfg name=...,string=...`, matching QEMU's syntax (#7825). * A new per-zone `mergeable` option on `--memory-zone` lets KSM merging be controlled per memory zone instead of only globally (#7983). * Disk lock granularity is now configurable via `--disk` (#7763). * `--cpus threads_per_core` is now enforced to be at most two (#8078), matching the hardware constraint. * `--log-format` controls the log output format, complementing existing log-level controls (#8172). Wallclock log timestamps now use UTC (#8193). * The HTTP API now logs error responses (#8181), and the `user_devices` configuration is included in the OpenAPI spec (#8072). MSHV Support Improvements ------------------------- * `SVM_EXIT_CPUID`, `SVM_EXIT_MSR`, and `GHCB_MSR_TERM_REQ` handlers have been added to the SEV-SNP exit path (#7934). * Guest MTRR MSRs are now preserved on KVM (#7944). * Nested-virtualization control fixes on AMD (#7783). Deprecations ------------ Auto-detection of disk image types is now deprecated and will be removed in a future release. Specify the image type explicitly via the `--disk image_type=...` CLI option or the `image_type` field on `DiskConfig` in the HTTP/D-Bus API to avoid the deprecation warning (#8219). Notable Bug Fixes ----------------- * Fix a guest-triggerable VMM panic via an out-of-bounds `queue_select` in the MSI-X vector access path on the virtio PCI common config (#7918). * Saturate instead of underflowing on a malformed balloon `actual` value reported by the guest (#7903). * IOMMU address translation now returns errors instead of panicking on malformed guest input (#8023). * Several virtio device error paths now reset queues instead of panicking or exiting the worker (#8128); additional device manager paths avoid guest-induced panics (#8186). * Virtio barriers are now sized from the number of queues actually activated by the guest, fixing pause hangs (#7881). * Spec compliance fixes for virtio device config layouts (#7805). and other small spec deviations (#8066). Console descriptor-chain processing has been fixed (#7802). dword writes to the MSI-X control register are now handled (#7956). * PCI segment ACPI `_UID` values now match the segment ID (#7992). * Fix VHDX multiqueue data corruption (#7746). * Fix block-device resize-disk (#7948) and the writeback-mode update flow (#7949). * Fix vdpa RX failure after device reset by always using base 0 (#7964). * Fix rebooting with landlock and a pty console (#7911). * Reject rate limiting with `vhost-user` (#8135). * Fix a deadlock between `CpuManager::pause()` and MMIO writes to the ACPI CPU hotplug controller (#7990, #8092). * Cancel `vhost-user` reconnection if the device has been unplugged (#8182). * Remove the API socket path when `start_vmm` fails (#8018). * Add missing ID validation for the virtio-rng device (#9a46affc3). * Fix UB in `MemoryRangeTable::read_from` (#7828) and `load_igvm()` (#8129). * `memory_actual_size` reflects hot-plug state, removing a slow recomputation path (#7969). * DIO alignment is now queried directly from the underlying file rather than assumed (#7767). * QCOW2 metadata access is now thread-safe with `num_queues > 1` (#7744). * Block devices unconditionally assume sparse support, matching QEMU and avoiding a non-existent probe ioctl (#7757). * Multi-value CLI options now use `.action(ArgAction::Append)` so that repeating an option appends rather than replacing (#7778). * AIO completions are batched in `next_completed_request` for the block backend, reducing per-completion overhead (#7864). * Roll back the PCI BAR address on a failed `move_bar` so that an out-of-range MMIO address programmed by the guest leaves the device functional rather than crashing the VMM (#7950). * Fix O_DIRECT writes failing with `EINVAL` on the synchronous QCOW2 backend (#8012). * Fix O_DIRECT reads failing with `EINVAL` on the async `io_uring` QCOW2 read path (#8051). * Move QCOW2 compressed-cluster decompression out of the metadata lock, removing a bottleneck for compressed images (#8061). * Clamp the balloon's reported range to its region before processing unused pages (#8098). * Validate the requested balloon size against total guest RAM (#8116). * Reject `--memory-zone` configurations that set both `mergeable` and `shared` (#8126). * Disable sector 0 writes for autodetected VHD images (#8218). Contributors ------------ Many thanks to everyone who has contributed to our release: * Alyssa Ross <hi@alyssa.is> * Anatol Belski <anbelski@linux.microsoft.com> * Andrei Vagin <avagin@google.com> * Anirudh Rayabharam <anrayabh@microsoft.com> * Bo Chen <bchen@crusoe.ai> * CMGS <ilskdw@gmail.com> * Changyuan Lyu <changyuanl@google.com> * Chinmoy <daschinmoyy21@gmail.com> * Damian Barabonkov <dbctl@pm.me> * Demi Marie Obenour <demiobenour@gmail.com> * Dylan Reid <dgreid@dylanreid.com> * Dylan Reid <dgreid@fb.com> * Emir Beganovic <beganovic.emir@gmail.com> * JP Kobryn <inwardvessel@gmail.com> * Jared White <git@jaredwhite.dev> * Julian Schindel <julian.schindel@cyberus-technology.de> * Julian Schindel <mail@arctic-alpaca.de> * Keith Adler <kadler@cloudflare.com> * Kevin Hui <kevinhui@meta.com> * Leander Kohler <leander.kohler@cyberus-technology.de> * Max Makarov <maxpain@linux.com> * Muminul Islam <muislam@microsoft.com> * Nguyen Dinh Phi <phind.uet@gmail.com> * Pascal Scholz <pascal.scholz@cyberus-technology.de> * Peter Oskolkov <posk@google.com> * Philipp Schuster <philipp.schuster@cyberus-technology.de> * Rob Bradford <rbradford@meta.com> * Roberto Campesato <render@metalabs.org> * Ruben Hakobyan <hruben@meta.com> * Saravanan D <saravanand@crusoe.ai> * Sebastian Eydam <sebastian.eydam@cyberus-technology.de> * Sebastian Walz <sebastian.walz@secunet.com> * Shayon Mukherjee <shayonj@gmail.com> * Souradeep <schakrabarti@microsoft.com> * Souradeep Chakrabarti <schakrabarti@microsoft.com> * Stepan Rabotkin <epicstyt@gmail.com> * Thomas Prescher <thomas.prescher@cyberus-technology.de> * Tobias Kässer <t.kaesser@gmail.com> * Victor Vieux <vieux@repl.it> * Vincent Thomas <vincent@v-thomas.com> * Wei Liu <liuwe@microsoft.com> * Zhiheng Tao <junchuan.tzh@antgroup.com> * dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * sohakpt <sohakpt@outlook.com> * wuxinyue <wuxinyue.wxy@antgroup.com>
v51.0 This release has been tracked in [v51.0 group](https://github.com/orgs/cloud-hypervisor/projects/6/views/6?filterQuery=release%3A%22Release+51%22) of our [roadmap project](https://github.com/orgs/cloud-hypervisor/projects/6/). Security Fixes -------------- This release fixes a security vulnerability in disk image handling. Details can be found in [GHSA-jmr4-g2hv-mjj6](GHSA-jmr4-g2hv-mjj6). * A new `backing_files=on|off` option has been added to `--disk` to explicitly control whether QCOW2 backing files are permitted. This defaults to `off` to prevent the loading of backing files entirely. (#7685) * Explicit image type specification via the user interface, removing reliance on format autodetection (#7728). * Prevent sector-zero writes for autodetected raw images (#7728). Significant QCOW2 v3 Improvements --------------------------------- A large number of QCOW2 v3 specification features have been implemented: * RAW backing file support for QCOW2 overlays (#7570) * Zero bit in L2 entries (#7627) * Incompatible feature bit validation (#7612) * Dirty bit support (#7636) * Variable refcount widths (1 to 64-bit) (#7633) * Corrupt bit detection and marking (#7639) * Autoclear feature bits handling (#7648) * Thread safety fix for multiple virtio queues (`num_queues > 1`) (#7661) * Correct zero-fill for reads beyond backing file size (#7678) * Live disk resize support (#7687) ACPI Generic Initiator Support ------------------------------ ACPI Generic Initiator Affinity (SRAT Type 5) support has been added to associate VFIO-PCI devices with dedicated memory/CPU-less NUMA nodes. This enables the guest OS to make NUMA-aware memory allocation decisions for device workloads. A new `device_id` parameter has been added to `--numa` for specifying VFIO devices. (#7626) Block Device DISCARD and WRITE_ZEROES Support --------------------------------------------- The `virtio-blk` device now supports `DISCARD` and `WRITE_ZEROES` operations for QCOW2 and RAW image formats. This enables thin provisioning and efficient space reclamation when guests trim filesystems. A new `sparse=on|off` option has been added to `--disk` to control disk space management: `sparse=on` (default) enables thin provisioning with space reclamation, while `sparse=off` provides thick provisioning with consistent I/O latency. (#7666) Notable Performance Improvements -------------------------------- * Transparent Huge Pages (THP) support has been extended to cover anonymous shared memory (`shared=on`) via `madvise`. Previously, THP was only used for non-shared memory. (#7646) * The `vhost-user-net` device now uses the default set of vhost-user virtio features, including `VIRTIO_F_RING_INDIRECT_DESC`, which provides a performance improvement. (#7653) MSHV Support Improvements ------------------------- * Optimize CPU state update after emulation by only updating special registers when changed (#7603) * Enable SMT for guests with `threads_per_core > 1` (#7668) * Stub `save_data_tables()` to unblock VM pause/resume (#7692) * Handle `GHCB_INFO_SPECIAL_DBGPRINT` VMG exit in SEV-SNP guest exit handler (#7703) * Fix CVM boot failure on MSHV (#7548) * Fix CPU topology detection for multithreaded configurations (#7576) Notable Bug Fixes ----------------- * Fix VFIO device hot-remove leaving group and container file descriptors open, preventing re-add (#7676) * Fix snapshot restore when backing file is on read-only storage with `shared=false` (#7674) * Enforce `VIRTIO_BLK_F_RO` even if guest does not negotiate it (#7705) * Fix read-only block device FLUSH requests from OVMF preventing VMs from booting (#7706) * Fix vhost-user device not properly dropping unowned file descriptors (#7679) * Fix `vhost-user-block` `get_config` interoperability (#7617) * Fix vsock TOCTOU race condition by copying packet header from guest memory before processing (#7530) * Fix vsock handling of large TX packets spanning multiple data descriptors (#7680) * Add `gettid()` to all seccomp filters (#7596) * Fix MAC address parsing that wrongly allowed `+` instead of hex characters (#7579) * Improve UUID parse error message and `--net` fd help text (#7702) * Fix various inconsistencies in our OpenAPI specification file (#7716, #7726) * Various documentation fixes (#7602, #7606) Contributors ------------ Many thanks to everyone who has contributed to our release: * Aastha Rawat <aastharawat@microsoft.com> * Alyssa Ross <hi@alyssa.is> * Anatol Belski <anbelski@linux.microsoft.com> * Anirudh Rayabharam <anrayabh@microsoft.com> * Bo Chen <bchen@crusoe.ai> * Champ-Goblem <cameron@northflank.com> * Changyuan Lyu <changyuanl@google.com> * Damian Barabonkov <dbctl@pm.me> * Demi Marie Obenour <demiobenour@gmail.com> * Leander Kohler <leander.kohler@cyberus-technology.de> * Muminul Islam <muislam@microsoft.com> * Philipp Schuster <philipp.schuster@cyberus-technology.de> * Rob Bradford <rbradford@meta.com> * Rowen-Ye <rowenye1@gmail.com> * Saravanan D <saravanand@crusoe.ai> * Stanislav Kinsburskii <skinsburskii@linux.microsoft.com> * Thomas Leroy <thomas.leroy.mp@gmail.com> * Wei Liu <liuwe@microsoft.com> * Yi Wang <foxywang@tencent.com> * Zhibin Li <banlu.lzb@antgroup.com> * stevenhorsman <steven@uk.ibm.com>
v50.1 This is a point release containing security fixes and bug fixes. Security Fixes -------------- This release fixes a security vulnerability in disk image handling. Details can be found in [GHSA-jmr4-g2hv-mjj6](GHSA-jmr4-g2hv-mjj6). * A new `backing_files=on|off` option has been added to `--disk` to explicitly control whether QCOW2 backing files are permitted. This defaults to `off` to prevent the loading of backing files entirely. (#7685) * Explicit image type specification via the user interface, removing reliance on format autodetection (#7728). * Prevent sector-zero writes for autodetected raw images (#7728). Bug Fixes --------- * Fix various inconsistencies in our OpenAPI specification file (#7716, #7726) * Fix QCOW2 thread safety for multiple virtio queues (`num_queues > 1`) (#7661)
v50.0 This release has been tracked in [v50.0 group](https://github.com/orgs/cloud-hypervisor/projects/6/views/6?filterQuery=release%3A%22Release+50%22) of our [roadmap project](https://github.com/orgs/cloud-hypervisor/projects/6/). Configurable Nested Virtualization Option on x86_64 --------------------------------------------------- The `nested=on|off` option has been added to `--cpu` to allow users to configure nested virtualization support in the guest on x86_64 hosts (for both KVM and MSHV). The default value is `on` to maintain consistency with existing behavior. (#7408) Compression Support for QCOW2 ----------------------------- QCOW2 support has been extended to handle compression clusters based on zlib and zstd. (#7462) Notable Performance Improvements -------------------------------- Performance of live migration has been improved via an optimized implementation of dirty bitmap maintenance. (#7468) Live Disk Resizing Support for Raw Images ----------------------------------------- The `/vm.resize-disk` API has been introduced to allow users to resize block devices backed by raw images while a guest is running. (#7476) Developer Experience Improvements --------------------------------- Significant improvements have been made to developer experience and productivity. These include a simplified root manifest, codified and tightened Clippy lints, and streamlined workflows for `cargo clippy` and `cargo test`. (#7489) Improved File-level Locking Support ----------------------------------- Block devices now use byte-range advisory locks instead of whole-file locks. While both approaches prevent multiple Cloud Hypervisor instances from simultaneously accessing the same disk image with write permissions, byte-range locks provide better compatibility with network storage backends. (#7494) Logging Improvements -------------------- Logs now include event information generated by the event-monitor module. (#7512) Notable Bug Fixes ----------------- * Fix several issues around CPUID in the guest (#7485, #7495, #7508) * Fix snapshot/restore for Windows Guest (#7492) * Respect queue size in block performance tests (#7515) * Fix several Serial Manager issues (#7502) * Fix several seccomp violation issues (#7477, #7497, #7518) * Fix various issues around block and qcow (#7526, #7528, #7537, #7546, #7549) * Retrieve MSRs list correctly on MSHV (#7543) * Fix live migration (and snapshot/restore) with AMX state (#7534) Contributors ------------ Many thanks to everyone who has contributed to our release: * Anatol Belski <anbelski@linux.microsoft.com> * Anirudh Rayabharam <anrayabh@microsoft.com> * Bo Chen <bchen@crusoe.ai> * Changyuan Lyu <changyuanl@google.com> * Chengyu Fu <chengyu.fu@linux.alibaba.com> * Connor Brewster <cbrewster@hey.com> * Demi Marie Obenour <demiobenour@gmail.com> * Eugene Korenevsky <ekorenevsky@aliyun.com> * Julian Stecklina <julian.stecklina@cyberus-technology.de> * Matt Moriarity <matt@mattmoriarity.com> * Muminul Islam <muislam@microsoft.com> * Oliver Anderson <oliver.anderson@cyberus-technology.de> * Pascal Scholz <pascal.scholz@cyberus-technology.de> * Philipp Schuster <philipp.schuster@cyberus-technology.de> * Praveen K Paladugu <prapal@linux.microsoft.com> * Rob Bradford <rbradford@rivosinc.com> * Sebastien Boeuf <seb@rivosinc.com> * Songqian Li <sionli@tencent.com> * Stefan Nürnberger <stefan.nuernberger@cyberus-technology.de> * Thomas Prescher <thomas.prescher@cyberus-technology.de> * Wei Liu <liuwe@microsoft.com>
v49.0 This release has been tracked in [v49.0 group](https://github.com/orgs/cloud-hypervisor/projects/6/views/4?filterQuery=release%3A%22Release+49%22) of our [roadmap project](https://github.com/orgs/cloud-hypervisor/projects/6/). MSHV Support Improvements ------------------------- On AArch64 with MSHV, firmware boot (#7391) and graceful guest shutdown (#7354) are now supported, and CI coverage has been added (#7381). Logging Improvements -------------------- Logs now use an improved timestamp format (#7355), emit an explicit message on graceful shutdown (#7346), and reduce noisy warnings with newer guest kernels (#7423). Removed Default IP and Mask for `virtio-net` Devices ---------------------------------------------------- The implicit default IP (192.168.249.1) and netmask (255.255.255.0) for `virtio-net` devices have been removed, as previously announced in the deprecation notice two releases ago (#7365). Users now can create `virtio-net` devices with no IP and netmask assigned. Notable Bug Fixes ----------------- * Prevent crash on malformed vsock connect requests (#7310) * Fix vCPU hotplug when the vCPU count exceeds 255 (#7349) * Drop the VFIO container when no VFIO devices are active (#7364) * Gracefully close preserved file descriptors on hot device removal (#7371) * Fix race condition in pause–resume cycles (#7397) * Add NetConfig offload parameters to the OpenAPI spec file (#7445) * Fix seccomp filter violation from the http-server thread (#7454) Contributors ------------ Many thanks to everyone who has contributed to our release: * Aastha Rawat <aastharawat@microsoft.com> * Alyssa Ross <hi@alyssa.is> * Anirudh Rayabharam <anrayabh@microsoft.com> * Ariel Chenet <apchenet@gmail.com> * Bo Chen <bchen@crusoe.ai> * Can Zhang <icloud9957@gmail.com> * Eugene Korenevsky <ekorenevsky@aliyun.com> * Maximilian Güntner <code@mguentner.de> * Muminul Islam <muislam@microsoft.com> * Oliver Anderson <oliver.anderson@cyberus-technology.de> * Philipp Schuster <philipp.schuster@cyberus-technology.de> * Rob Bradford <rbradford@rivosinc.com> * Ruoqing He <heruoqing@iscas.ac.cn> * Wei Liu <liuwe@microsoft.com> * Yi Wang <foxywang@tencent.com>
v48.0 This release has been tracked in [v48.0 group](https://github.com/orgs/cloud-hypervisor/projects/6/views/4?filterQuery=release%3A%22Release+48%22) of our [roadmap project](https://github.com/orgs/cloud-hypervisor/projects/6/). Experimental `fw_cfg` Device Support ------------------------------------ This feature enables passing configuration data and files, such as VM boot configurations (kernel, kernel cmdline, e820 memory map, and ACPI tables), from the host to the guest. (#7117) Experimental `ivshmem` Device Support ------------------------------------- Support for inter-VM shared memory has been added. For more information, please refer to the [ivshmem documentation](docs/ivshmem.md). (#6703) Firmware Boot Support on `riscv64` --------------------------------- In addition to direct kernel boot, firmware boot support has been added on `riscv64` hosts. (#7249) Increased vCPU Limit on x86_64/kvm ---------------------------------- The maximum number of supported vCPUs on x86_64 hosts using KVM has been raised from 254 to 8192. (#7299) Improved Block Performance with Small Block Sizes ------------------------------------------------- Performance for `virtio-blk` with small block sizes (16KB and below) is enhanced via submitting async IO requests in batches. (#7146) Faster VM Pause Operation ------------------------- The VM pause operation now is significantly faster particularly for VMs with a large number of vCPUs. (#7290) Updated Documentation on Windows Guest Support ---------------------------------------------- Our Windows documentation now includes instructions to run Windows 11 guests, in addition to Windows Server guests. (#7218) Policy on AI Generated Code --------------------------- We will decline any contributions known to contain contents generated or derived from using Large Language Models (LLMs). Details can be found in our [contributing documentation](CONTRIBUTING.md). (#7162) Removed SGX Support ------------------- The SGX support has been removed, as announced in the deprecation notice two release cycles ago. (#7093) Notable Bug Fixes ----------------- * Seccomp filter fixes with glibc v2.42 (#7327) * Various fixes related to (#7331, #7334, #7335)
v47.0 This release has been tracked in [v47.0 group](https://github.com/orgs/cloud-hypervisor/projects/6/views/4?filterQuery=release%3A%22Release+47%22) of our [roadmap project](https://github.com/orgs/cloud-hypervisor/projects/6/). Block Device Error Reporting to the Guest ----------------------------------------- Instead of exiting on I/O errors, the `virtio-block` device now reports errors to the guest using `VIRTIO_BLK_S_IOERR`. It improves the user experience particularly when the guest rootfs is not backed by the affected block device. (#7107) Nice Error Messages on Exit --------------------------- We now have the chain of errors being reported and printed nicely, when Cloud Hypervisor or ch-remote exits on errors. (#7066) Alphabetically Sorted CLI Options for ch-remote ----------------------------------------------- To improve readability, ch-remote now prints help information in alphabetical order. (#7130) Notable Bug Fixes ----------------- * Error out early when block device serial is too long (#7124) * Fix partial commands being discarded for `virtio-vsock` (#7195) * Disable the broken interrupt support for the `rtc_pl031` device to prevent spurious guest interrupts (#7199) Deprecations ------------ * A default IP (`192.168.249.1`) and mask (`255.255.255.0`) are currently assigned to the `virtio-net` device if no value is specified by users. Such behavior is now deprecated. Users of this behavior will receive a warning message and should make adjustments. The behavior will be removed in two release cycles (v49.0).
PreviousNext