Added
- Added a new API call, `PUT /metrics`, for configuring the metrics system.
- Added `app_name` field in InstanceInfo struct for storing the application
name.
- New command-line parameters for `firecracker`, named `--log-path`,
`--level`, `--show-level` and `--show-log-origin` that can be used
for configuring the Logger when starting the process. When using
this method for configuration, only `--log-path` is mandatory.
- Added a [guide](docs/devctr-image.md) for updating the dev container image.
- Added a new API call, `PUT /mmds/config`, for configuring the
`MMDS` with a custom valid link-local IPv4 address.
- Added experimental JSON response format support for MMDS guest applications
requests.
- Added metrics for the vsock device.
- Added devtool strip command which removes debug symbols from the release
- Added the `tx_malformed_frames` metric for the virtio net device, emitted
when a TX frame missing the VNET header is encountered.
Fixed
- Added `--version` flag to both Firecracker and Jailer.
- Return `405 Method Not Allowed` MMDS response for non HTTP `GET` MMDS
requests originating from guest.
- Fixed folder permissions in the jail (#1802).
- Any number of whitespace characters are accepted after ":" when parsing HTTP
headers.
- Potential panic condition caused by the net device expecting to find a VNET
header in every frame.
- Potential crash scenario caused by "Content-Length" HTTP header field
accepting negative values.
- Fixed #1754 - net: traffic blocks when running ingress UDP performance tests
with very large buffers.
Changed
- Updated CVE-2019-3016 mitigation information in
[Production Host Setup](docs/prod-host-setup.md)
- In case of using an invalid JSON as a 'config-file' for Firecracker,
the process will exit with return code 152.
- Removed the `testrun.sh` wrapper.
- Removed `metrics_fifo` field from the logger configuration.
- Renamed `log_fifo` field from LoggerConfig to `log_path` and
`metrics_fifo` field from MetricsConfig to `metrics_path`.
- `PATCH /drives/{id}` only allowed post-boot. Use `PUT` for pre-boot
updates to existing configurations.
- `PATCH /network-interfaces/{id}` only allowed post-boot. Use `PUT` for
pre-boot updates to existing configurations.
- Changed returned status code from `500 Internal Server Error` to
`501 Not Implemented`, for queries on the MMDS endpoint in IMDS format, when
the requested resource value type is unsupported.
- Allowed the MMDS data store to be initialized with all supported JSON types.
Retrieval of these values within the guest, besides String, Array, and
Dictionary, is only possible in JSON mode.
- `PATCH` request on `/mmds` before the data store is initialized returns
`403 BadRequest`.
- Segregated MMDS documentation in MMDS design documentation and MMDS user
guide documentation.