]> git.ipfire.org Git - thirdparty/libvirt.git/commitdiff
news: Update for 3.9.0 release
authorAndrea Bolognani <abologna@redhat.com>
Wed, 1 Nov 2017 16:12:21 +0000 (17:12 +0100)
committerAndrea Bolognani <abologna@redhat.com>
Thu, 2 Nov 2017 09:54:13 +0000 (10:54 +0100)
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
docs/news.xml

index 6a864916da6449cc62c9d28ab5f644887a31618b..c9e951e0d02692ea0aeed61d78fcf855337d256a 100644 (file)
           easily.
         </description>
       </change>
+      <change>
+        <summary>
+          qemu: Support multiqueue for virtio-blk
+        </summary>
+        <description>
+          Multiqueue support for <code>virtio-blk</code> has been available
+          in QEMU ever since 2.7.0, and now libvirt guests can enable it.
+        </description>
+      </change>
+      <change>
+        <summary>
+          Add virDomainSetLifecycleAction API
+        </summary>
+        <description>
+          Provided a new API to allow dynamic guest lifecycle control for
+          guest reactions to poweroff, restart, or crash type events related
+          to the domain XML <code>on_poweroff</code>, <code>on_reboot</code>,
+          and <code>on_crash</code> elements. The
+          <code>virsh set-lifecycle-action</code> command was created to
+          control the actions.
+        </description>
+      </change>
+      <change>
+        <summary>
+          qemu: Allow cold(un)plugging and hot(un)plugging input devices
+        </summary>
+      </change>
+      <change>
+        <summary>
+          net: Implement QoS for vhostuser
+        </summary>
+      </change>
     </section>
     <section title="Improvements">
       <change>
           in order to decrypt the volume.
         </description>
       </change>
+      <change>
+        <summary>
+          net: Ignore auto-generated MAC address when detaching an interface
+        </summary>
+        <description>
+          If the MAC address has not been specified by the user, libvirt will
+          try and fill in the gaps by generating one; however, for some error
+          paths that led to some confusing error messages, so when an
+          auto-generated MAC address is specified the error message will not
+          include the auto-generated MAC.
+        </description>
+      </change>
+      <change>
+        <summary>
+          net: Enable MAC address lookup for virDomainInterfaceStats
+        </summary>
+      </change>
+      <change>
+        <summary>
+          apparmor: Several improvements
+        </summary>
+        <description>
+          Changes include permitting access to data about USB devices and
+          <code>dnsmasq</code> instances, allowing spaces in guest names and
+          many more.
+        </description>
+      </change>
+      <change>
+        <summary>
+          cpu: Use CPU information obtained from QEMU when possible
+        </summary>
+        <description>
+          Recent QEMU versions can expose information about which CPU models
+          are available and usable on the host; libvirt will now make use of
+          such information whenever possible.
+        </description>
+      </change>
+      <change>
+        <summary>
+          hyperv: Various improvements
+        </summary>
+        <description>
+          The error reported when clients can't connect to Hyper-V has been
+          made more descriptive, and memory limits for guests are now mapped
+          to more appropriate libvirt equivalents.
+        </description>
+      </change>
+      <change>
+        <summary>
+          qemu: Report QEMU error on failed migration
+        </summary>
+        <description>
+          Instead of reporting a generic error, ask QEMU for a more detailed
+          and thus hopefully more helpful one.
+        </description>
+      </change>
+      <change>
+        <summary>
+          vbox: Implement autoport for RDP
+        </summary>
+        <description>
+          libvirt will now obtain the (dynamically allocated) RDP port number
+          from VirtualBox itself, avoiding conflicts between multiple guests
+          wanting to use RDP at the same time.
+        </description>
+      </change>
+      <change>
+        <summary>
+          qemu: Allow rotation of small logs
+        </summary>
+        <description>
+          On a host where numerous unique instances are executed per day, it's
+          quite possible that, even though each of the single log files are
+          fairly small, collectively the quantity and volume may add tens of
+          thousands of log files to the <code>/var/log/libvirt/qemu/</code>
+          directory. Removing the constraints that log have to be bigger than
+          100 KiB before they can be rotated solves the issue.
+        </description>
+      </change>
     </section>
     <section title="Bug fixes">
       <change>
           the LUKS encrypted volume.
         </description>
       </change>
+      <change>
+        <summary>
+          qemu: Reserve PCI addresses for implicit i440fx devices
+        </summary>
+        <description>
+          Failing to do so causes the addresses to be considered usable by
+          libvirt, which means they could be assigned to more than one device
+          resulting in the guest failing to start.
+        </description>
+      </change>
+      <change>
+        <summary>
+          spec: Restart libvirtd only at the end of the upgrade process
+        </summary>
+        <description>
+          Use <code>%posttrans</code> to make sure <code>libvirtd</code>
+          is not restarted before all other components, such as the library
+          itself and storage / hypervisor drivers, have already been upgraded.
+        </description>
+      </change>
+    </section>
+    <section title="Security">
+      <change>
+        <summary>
+          qemu: Ensure TLS clients always verify the server certificate
+        </summary>
+        <description>
+          While it's reasonable to turn off client certificate validation,
+          as setting it up can be non-trivial, clients should always verify
+          the server certificate to avoid MITM attacks. However, libvirt was
+          using the same knob to control both checks, leading to
+          CVE-2017-1000256 / LSN-2017-0002.
+        </description>
+      </change>
     </section>
   </release>
   <release version="v3.8.0" date="2017-10-04">