mirror of
git://git.yoctoproject.org/meta-virtualization.git
synced 2025-07-19 12:50:22 +02:00
18630a89a2
Bumping passt to version 2025_03_20.32f6212-11-gcf4d3f0, which comprises the following commits:
cf4d3f0 packet: Upgrade severity of most packet errors
0857515 packet: ASSERT on signs of pool corruption
9153aca util: Add abort_with_msg() and ASSERT_WITH_MSG() helpers
38bcce9 packet: Rework packet_get() versus packet_get_try()
961aa6a packet: Move checks against PACKET_MAX_LEN to packet_check_range()
37d9f37 packet: Avoid integer overflows in packet_get_do()
c48331c packet: Correct type of PACKET_MAX_LEN
9866d14 tap: Clarify calculation of TAP_MSGS
a41d6d1 tap: Make size of pool_tap[46] purely a tuning parameter
e43e007 packet: More cautious checks to avoid pointer arithmetic UB
4592719 vu_common: Tighten vu_packet_check_range()
32f6212 Makefile: Enable -Wformat-security
07c2d58 conf: Include libgen.h for basename(), fix build against musl
ebdd463 tcp: Flush socket before checking for more data in active close state
c250ffc migrate: Bump migration version number
cfb3740 migrate, tcp: Migrate RFC 7323 timestamp
28772ee migrate, tcp: More careful marshalling of mss parameter during migration
51f3c07 passt-repair: Fix build with -Werror=format-security
cb5b593 tcp, flow: Better use flow specific logging heleprs
96fe554 conf: Unify several paths in conf_ports()
78f1f0f test/perf: Simplify iperf3 server lifetime management
26df8a3 conf: Limit maximum MTU based on backend frame size
9d1a6b3 pcap: Correctly set snaplen based on tap backend type
b6945e0 Simplify sizing of pkt_buf
c4bfa33 tap: Use explicit defines for maximum length of L2 frame
1eda8de packet: Remove redundant TAP_BUF_BYTES define
c43972a packet: Give explicit name to maximum packet size
74cd82a conf: Detect vhost-user mode earlier
4b17d04 conf: Move mode detection into helper function
bb00a04 conf: Use the same optstring for passt and pasta modes
c8b520c flow, repair: Wait for a short while for passt-repair to connect
0470170 passt-repair: Add directory watch
2b58b22 cppcheck: Add suppressions for "logically" exported functions
a83c806 vhost_user: Don't export several functions
27395e6 tcp: Don't export tcp_update_csum()
12d5b36 checksum: Don't export various functions
e36c35c log: Don't export passt_vsyslog()
57d2db3 treewide: Mark assorted functions static
68b0418 udp: create and send ICMPv6 to local peer when applicable
87e6a46 tap: break out building of udp header from tap_udp6_send function
55431f0 udp: create and send ICMPv4 to local peer when applicable
82a839b tap: break out building of udp header from tap_udp4_send function
1924e25 conf: Be more precise about minimum MTUs
672d786 tcp: Send RST in response to guest packets that match no connection
1f23681 tap: Consider IPv6 flow label when building packet sequences
0081756 ip: Helpers to access IPv6 flow label
52419a6 migrate, tcp: Don't flow_alloc_cancel() during incoming migration
b270821 tcp: Unconditionally move to CLOSED state on tcp_rst()
56ce03e tcp: Correct error code handling from tcp_flow_repair_socket()
39f85bc migrate, flow: Don't attempt to migrate TCP flows without passt-repair
7b92f2e migrate, flow: Trivially succeed if migrating with no flows
8747173 selinux: Fixes/workarounds for passt and passt-repair, mostly for libvirt usage
be86232 seccomp.sh: Silence stty errors
ea69ca6 tap: always set the no_frag flag in IPv4 headers
4dac235 contrib/fedora: Actually install passt-repair SELinux policy file
16553c8 dhcp: Add option code byte in calculation for OPT_MAX boundary check
183bedf Makefile: Use mmap2() as alternative for mmap() in valgrind extra syscalls
1cc5d4c conf: Use 0 instead of -1 as "unassigned" mtu value
3dc7da6 conf: More thorough error checking when parsing --mtu option
65e317a flow: Clean up and generalise flow traversal macros
b79a22d flow: Remove unneeded bound parameter from flow traversal macros
7ffca35 flow: Remove unneeded index from foreach_* macros
adb46c1 flow: Add flow_perror() helper
ba0823f tcp: Don't pass both flow pointer and flow index
854bc7b tcp: Remove spurious prototype for tcp_flow_migrate_shrink_window
e56c803 tcp: More type safety for tcp_flow_migrate_target_ext()
5a07eb3 tcp_vu: head_cnt need not be global
6b40651 tap: Remove unused ETH_HDR_INIT() macro
354bc0b packet: Don't pass start and offset separately to packet_check_range()
0a51060 packet: Use flexible array member in struct pool
bcc4908 dhcp: Remove option 255 length byte
a1e48a0 test: Add migration tests
89ecf2f migrate: Migrate TCP flows
3e903bb repair, passt-repair: Build and warning fixes for musl
01b6a16 tcp_splice: A typo three years ago and SO_RCVLOWAT is gone
667caa0 tcp_splice: Don't wake up on input data if we can't write it anywhere
7c33b12 vhost_user: Clear ring address on GET_VRING_BASE
71249ef tcp, tcp_splice: Don't set SO_SNDBUF and SO_RCVBUF to maximum values
30f1e08 tcp: Keep updating window and checking for socket data after FIN from guest
98d474c contrib/selinux: Enable mapping guest memory for libvirt guests
9a84df4 selinux: Add rules needed to run tests
a301158 rampstream: Add utility to test for corruption of data streams
6f122f0 tcp: Get bound address for connected inbound sockets too
f3fe795 vhost_user: Make source quit after reporting migration state
b899141 Add interfaces and configuration bits for passt-repair
155cd0c migrate: Migrate guest observed addresses
5911e08 migrate: Skeleton of live migration logic
836fe21 passt-repair: Fix off-by-one in check for number of file descriptors
def7de4 tcp_vu: Fix off-by one in header count array adjustment
90f91fe tcp: Implement conservative zero-window probe on ACK timeout
472e2e9 tcp: Don't discard window information on keep-alive segments
31e8109 dhcp, dhcpv6: Add hostname and client fqdn ops
a3d142a conf: Don't map DNS traffic to host, if host gateway is a resolver
864be47 passt-repair: Send one confirmation *per command*, not *per socket*
fe8b6a7 dhcp: Don't re-use request message for reply
b7b70ba passt-repair: Dodge "structurally unreachable code" warning from Coverity
0f009ea passt-repair: Fix calculation of payload length from cmsg_len
a0b7f56 passt-repair: Don't use perror(), accept ECONNRESET as termination
a5cca99 conf, passt.1: Un-deprecate --host-lo-to-ns-lo
0da87b3 debug: Add tcpdump to mbuto.img
f66769c apparmor: Workaround for unconfined libvirtd when triggered by unprivileged user
593be32 passt-repair.1: Fix indication of TCP_REPAIR constants
9215f68 passt-repair: Build fixes for musl
a9d63f9 passt-repair: use _exit() over return
d0006fa treewide: use _exit() over exit()
745c163 tcp: Simplify handling of getsockname()
b4a7b5d migrate: Fix several errors with passt-repair
dcf014b doc: Add mock of migration source and target
52e57f9 tcp: Get socket port and address using getsockname() when connecting from guest
8c24301 Introduce passt-repair
e894d9a vhost_user: Turn some vhost-user message reports to trace()
e25a930 util: Add read_remainder() and read_all_buf()
71fa736 tcp_splice, udp_flow: fcntl64() support on PPC64 depends on glibc version
b75ad15 vhost_user: On 32-bit ARM, mmap() is not available, mmap2() is used instead
722d347 tcp: Don't reset outbound connection on SYN retries
bf28608 pasta.te: fix demo.sh and remove one duplicate rule
dcd6d81 tcp: Add HOSTSIDE(x), HOSTFLOW(x) macros
0349cf6 util: Rename and make global vu_remove_watch()
10c4a9e tcp: Always pass NULL event with EPOLL_CTL_DEL
dd6a685 vhost-user: Implement an empty VHOST_USER_SEND_RARP command
d477a1f netlink: Skip loopback interface while looking for a template
4f2c8e7 vhost_user: Drop packet with unsupported iovec array
ec5c4d9 tcp: Set PSH flag for last incoming packets in a batch
db2c91a tcp: Set ACK flag on *all* RST segments, even for client in SYN-SENT state
54bb972 tcp: Disable Nagle's algorithm (set TCP_NODELAY) on all sockets
8757834 tcp: Buffer sizes are *not* inherited on accept()/accept4()
c96a88d vhost_user: remove ASSERT() on iovec number
412ed4f vhost-user: Report to front-end we support VHOST_USER_PROTOCOL_F_DEVICE_STATE
31d7002 vhost-user: add VHOST_USER_SET_DEVICE_STATE_FD command
878e163 vhost-user: add VHOST_USER_CHECK_DEVICE_STATE command
78c73e9 vhost-user: Report to front-end we support VHOST_USER_PROTOCOL_F_LOG_SHMFD
3c1d91b vhost-user: add VHOST_USER_SET_LOG_BASE command
538312a vhost-user: Pass vu_dev to more virtio functions
b04195c vhost-user: add VHOST_USER_SET_LOG_FD command
6016e04 vhost-user: update protocol features and commands list
a8f4fc4 tcp: Mask EPOLLIN altogether if we're blocked waiting on an ACK from the guest
b8f573c tcp: Set EPOLLET when when reading from a socket fails with EAGAIN
22cf08b tcp: Don't subscribe to EPOLLOUT events on STALLED
707f77b tcp: Fix ACK sequence getting out of sync on EPOLLOUT wake-up
1b95bd6 vhost_user: fix multibuffer from linux
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|---|---|---|
| classes | ||
| conf | ||
| docs | ||
| dynamic-layers | ||
| files | ||
| lib/oeqa/runtime/cases | ||
| recipes-containers | ||
| recipes-core | ||
| recipes-demo | ||
| recipes-devtools | ||
| recipes-extended | ||
| recipes-graphics/xorg-xserver | ||
| recipes-kernel | ||
| recipes-networking | ||
| scripts | ||
| wic | ||
| .gitignore | ||
| COPYING.MIT | ||
| MAINTAINERS | ||
| meta-virt-roadmap.txt | ||
| README.md | ||
| SECURITY.md | ||
meta-virtualization
This layer provides support for building Xen, KVM, Libvirt, and associated packages necessary for constructing OE-based virtualized solutions.
The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line.
DISTRO_FEATURES:append = " virtualization"
If meta-virtualization is included, but virtualization is not enabled as a distro feature a warning is printed at parse time:
You have included the meta-virtualization layer, but
'virtualization' has not been enabled in your DISTRO_FEATURES. Some bbappend files
may not take effect. See the meta-virtualization README for details on enabling
virtualization support.
If you know what you are doing, this warning can be disabled by setting the following variable in your configuration:
SKIP_META_VIRT_SANITY_CHECK = 1
Depending on your use case, there are other distro features in meta-virtualization that may also be enabled:
- xen: enables xen functionality in various packages (kernel, libvirt, etc)
- kvm: enables KVM configurations in the kernel and autoloads modules
- k8s: enables kubernets configurations in the kernel, tools and configuration
- aufs: enables aufs support in docker and linux-yocto
- x11: enable xen and libvirt functionality related to x11
- selinux: enables functionality in libvirt and lxc
- systemd: enable systemd services and unit files (for recipes for support)
- sysvinit: enable sysvinit scripts (for recipes with support)
- seccomp: enable seccomp support for packages that have the capability.
Dependencies
This layer depends on:
URI: git://github.com/openembedded/openembedded-core.git branch: master revision: HEAD prio: default
URI: git://github.com/openembedded/meta-openembedded.git branch: master revision: HEAD layers: meta-oe meta-networking meta-filesystems meta-python
Required for Xen XSM policy: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Required for Ceph: URI: git://git.yoctoproject.org/meta-cloud-services branch: master revision: HEAD prio: default
Required for cri-o: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Community / Colaboration
Repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/ Mailing list: https://lists.yoctoproject.org/g/meta-virtualization IRC: libera.chat #meta-virt channel
Maintenance
Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org
Maintainer: Bruce Ashfield bruce.ashfield@gmail.com see MAINTAINERS for more specific information
When sending single patches, please using something like: $ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH'
License
All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.