From: Andrea Bolognani <abologna@xxxxxxxxxx> Signed-off-by: Andrea Bolognani <abologna@xxxxxxxxxx> --- docs/news.xml | 81 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) diff --git a/docs/news.xml b/docs/news.xml index 468d340..7348838 100644 --- a/docs/news.xml +++ b/docs/news.xml @@ -61,6 +61,16 @@ Support specifying extended TSEG size for SMM in QEMU. </description> </change> + <change> + <summary> + qemu: Add support for SEV guests + </summary> + <description> + SEV (Secure Encrypted Virtualization) is a feature available on AMD + CPUs that encrypts the guest memory and makes it inaccessible even + to the host OS. + </description> + </change> </section> <section title="Removed features"> <change> @@ -76,6 +86,24 @@ secret objects, but that support was never added to libvirt. </description> </change> + <change> + <summary> + Make GnuTLS mandatory + </summary> + <description> + Building without GnuTLS is no longer possible. + </description> + </change> + <change> + <summary> + qemu: Remove allow_disk_format_probing configuration option + </summary> + <description> + The option represented a security risk when used with malicious + disk images, so users were recommended against enabling it; with + this release, it's been removed altogether. + </description> + </change> </section> <section title="Improvements"> <change> @@ -130,6 +158,39 @@ or virStorageVolCreateXMLFrom. </description> </change> + <change> + <summary> + qemu: Add support for vsock hot (un)plug and cold (un)plug + </summary> + </change> + <change> + <summary> + qemu: Add support for NBD over TLS + </summary> + <description> + NBD volumes can now be accessed securely. + </description> + </change> + <change> + <summary> + qemu: Implement FD passing for Unix sockets + </summary> + <description> + Instead of having QEMU open the socket and then connecting to it, + which is inherently racy, starting with QEMU 2.12 we can open the + socket ourselves and pass it to QEMU, avoiding race conditions. + </description> + </change> + <change> + <summary> + virsh: Introduce --nowait option for domstat command + </summary> + <description> + When this option is specified, virsh will try to fetch the guest + stats but abort instead of stalling if they can't be retrieved right + away. + </description> + </change> </section> <section title="Bug fixes"> <change> @@ -143,6 +204,26 @@ us getting to the worker pool initialization. </description> </change> + <change> + <summary> + qemu: Fix domain resume after failed migration + </summary> + <description> + Recent versions of QEMU activate block devices before the guest CPU + has been started, which makes it impossible to roll back a failed + migration. Use the <code>late-block-activate</code> migration + capability if supported to avoid the issue. + </description> + </change> + <change> + <summary> + vmx: Permit guests to have an odd number of vCPUs + </summary> + <description> + An odd number of vCPUs greater than 1 was forbidden in the past, + but current versions of ESXi have lifted that restriction. + </description> + </change> </section> </release> <release version="v4.4.0" date="2018-06-04"> -- 1.8.3.1 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list