Releases: mirage/mirage
v3.5.2
v3.5.1
CHANGES:
- Adapt to new tracing API (#985, by @talex5)
- Remove stubs for qrexec and qubes gui (qubes 3 is end of life, qubes 4 makes it configurable) (#984, by @linse & @yomimono)
- Update mirage-logs and charrua-client-mirage version constraints (#982, by @hannesm)
- Remove unused dockerfile, travis updates (#982 #990, by @hannesm)
v3.5.0
CHANGES:
- Rename Mirage_impl_kv_ro to Mirage_impl_kv, and introduce
rw
(#975, by @hannesm) - Adapt to mirage-kv 2.0.0 changes (#975, by @hannesm)
- Adapt to mirage-protocols and mirag-net 2.0.0 changes (#972, by @hannesm)
- mirage-types-lwt: remove unneeded io-page dependency (#971, by @hannesm)
- Fix regression introduced in 3.4.0 that "-l *:debug" did no longer work (#970, by @hannesm)
- Adjust various upper bounds (mirage-unix, cohttp-mirage, mirage-bootvar-xen) (#967, by @hannesm)
v3.4.1
CHANGES:
- Provide a httpaf_server device, and a cohttp_server device (#955, by @anmonteiro)
- There can only be a single prng device in a unikernel, due to entropy
harvesting setup (#959, by @hannesm) - Cleanup zarith-freestanding / gmp-freestanding dependencies (#964, by @hannesm)
- ethernet is now a separate package (#965, by @hannesm)
- arp now uses the mirage/arp repository by default, the tcpip.arpv4
implementation was removed in tcpip 3.7.0 (#965, by @hannesm)
v3.4.0
CHANGES:
- use ipaddr 3.0 without s-expression dependency (#956, by @hannesm)
- use mirage-clock 2.x and tcpip 3.6.x libraries (#960, #962, by @hannesm)
- default to socket stack on unix and macos (#958, by @hannesm)
- use String.split_on_char in mirage-runtime to avoid astring dependency (#957, by @hannesm)
- add build-dependency on mirage to each unikernel (#953, by @hannesm)
3.3.1
3.3.0
CHANGES:
New target: (via solo5) Genode:
"Genode[4][5][6] is a free and open-source operating system framework consisting
of a microkernel abstraction layer and a collection of userspace components. The
framework is notable as one of the few open-source operating systems not derived
from a proprietary OS, such as Unix. The characteristic design philosophy is
that a small trusted computing base is of primary concern in a security oriented
OS." (from wikipedia, more at https://genode.org/ #942, by @ehmry)
User-visible changes
-
use mirage-bootvar-unix instead of OS.Env.argv
(deprecated since mirage-{xen,unix,os-shim}.3.1.0, mirage-solo5.0.5.0) on unix
(#931, by @hannesm)WARNING: this leads to a different semantics for argument passing on Unix:
all arguments are concatenated (using a whitespace " " as separator), and
split on the whitespace character again (by parse-argv). This is coherent
with all other backends, but the whitespace in "--hello=foo bar" needs to
be escaped now. -
mirage now generates upper bounds for hard-coded packages that are used in
generated code. When we now break the API, unikernels which are configured with
an earlier version won't accept the new release of the dependency. This means
API breakage is much smoother for us, apart from that we now track version
numbers in the mirage utility. The following rules were applied for upper bounds:- if version < 1.0.0 then ~min:"a.b.c" ~max:"a.(b+1).0"
- if version > 1.0.0 then ~min:"a.b.c" ~max:"(a+1).0.0"`
- exceptions: tcpip (~min:"3.5.0" ~max:"3.6.0"), mirage-block-ramdisk (unconstrained)
WARNING: Please be careful when release any of the referenced libraries by
taking care of appropriate version numbering.
(initial version in #855 by @avsm, final #946 by @hannesm) -
since functoria.2.2.2, the "package" function (used in unikernel configuration)
is extended with the labeled argument ~pin that receives a string (e.g.
~pin:"git+https://github.com/mirage-random/mirage-random.git"), and is embedded
into the generated opam file as pin-depends -
mirage-random-stdlib is now used for default_random instead of mirage-random
(which since 1.2.0 no longer bundles the stdlib Random
module). mirage-random-stdlib is not cryptographically secure, but "a
lagged-Fibonacci F(55, 24, +) with a modified addition function to enhance the
mixing of bits.", which is now seeded using mirage-entropy. If you configure
your unikernel with "mirage configure --prng fortuna" (since mirage 3.0.0), a
cryptographically secure PRNG will be used (read more at
https://mirage.io/blog/mirage-entropy) -
mirage now revived its command-line "--no-depext", which removes the call to
"opam depext" in the depend and depends target of the generated Makefile
(#948, by @hannesm) -
make depend no longer uses opam pin for opam install --deps-only (#948, by @hannesm)
-
remove unused io_page configuration (initial discussion in #855, #940, by @hannesm)
-
charrua-client requires a Mirage_random interface since 0.11.0 (#938, by @hannesm)
-
split implementations into separate modules (#933, by @emillon)
-
improved opam2 support (declare ocaml as dependency #926)
-
block device writes has been fixed in mirage-solo5.0.5.0
3.2.0
3.2.0 (2018-09-23)
Due to conflicting packages, opam will not upgrade mirage to version 3.2.0 or newer if a version of mirage-solo5 older than 0.4.0 is installed in the switch. To perform the upgrade you must run opam upgrade mirage
explicitly.
Changes required to rebuild and run ukvm unikernels
As of Solo5 0.4.0, the ukvm target has been renamed to hvt. If you are working out of an existing, dirty, source tree, you should initially run:
mirage configure -t hvt
mirage clean
mirage configure -t hvt
and then proceed as normal. If you are working with a clean source tree, then simply configuring with the new hvt target is sufficient:
mirage configure -t hvt
Note that the build products have changed:
The unikernel binary is now named <unikernel>.hvt
,
the ukvm-bin
binary is now named solo5-hvt
.
This is a breaking change: mirage 3.2.0 requires mirage-protocols 1.4.0, mirage-stack 1.3.0, and tcpip 3.5.0 to work (charru-client-mirage 0.10 and mirage-qubes-ipv4 0.6 are adapted to the changes). An older mirage won't be able to use these new libraries correctly. Conflicts were introduced in the opam-repository.
In more detail, direct and socket stack initialisation changed, which is automatically generated by the mirage tool for each unikernel (as part of main.ml
). A record was built up, which is no longer needed.
Several unneeded type aliases were removed:
netif
from Mirage_protocols.ETHIF
ethif
and prefix
from Mirage_protocols.IP
ip
from Mirage_protocols.{UDP,TCP}
netif
and 'netif config
from Mirage_stack.V4
'netif stackv4_config
and socket_stack_config
in Mirage_stack
3.1.1
3.1.1 (2018-08-01)
- for the unix target, add
-tags thread
, as done for the mac osx target (#861,
suggested by @cfcs) - bump minimum mirage-solo5* and solo5-kernel* to 0.3.0 (#914, by @hannesm, as
suggested by @mato) - use the exposed signature in functoria for Key modules (#912, by @Drup)
- add ?group param to all generic devices (#913, by @samoht)
3.1.0
3.1.0 (2018-06-20)
- solo5 v0.3.0 support (#906, by @mato @Kensan @hannesm):
The major new user-visible features for the Solo5 backends are:
ukvm: Now runs natively on FreeBSD vmm and OpenBSD vmm.
ukvm: ARM64 support.
muen: New target, for the Muen Separation Kernel.
ukvm: Improved and documented support for debugging Solo5-based unikernels. - generate libvirt.xml for virtio target (#903, by @bramford)
- don't make xen config documents for target qubes (#895, by @yomimono)
- use a path pin when making depends (#891, by @yomimono)
- move block registration to
configure
section (#892, by @yomimono) - allow to directly specifying xenstore ids (#879, by @yomimono)