for the unix target, add
-tags thread, as done for the mac osx target (#861,
suggested by @cfcs)
bump minimum mirage-solo5* and solo5-kernel* to 0.3.0 (#914, by @hannesm, as
suggested by @mato)
use the exposed signature in functoria for Key modules (#912, by @Drup)
add ?group param to all generic devices (#913, by @samoht)
solo5 v0.3.0 support (#906, by @mato @kensan @hannesm):
The major new user-visible features for the Solo5 backends are:
ukvm: Now runs natively on FreeBSD vmm and OpenBSD vmm.
ukvm: ARM64 support.
muen: New target, for the Muen Separation Kernel.
ukvm: Improved and documented support for debugging Solo5-based unikernels.
generate libvirt.xml for virtio target (#903, by @bramford)
don't make xen config documents for target qubes (#895, by @yomimono)
use a path pin when making depends (#891, by @yomimono)
move block registration to
configuresection (#892, by @yomimono)
allow to directly specifying xenstore ids (#879, by @yomimono)
when passing block devices to
xen, pass the raw filename rather than trying to infer the xenstore ID (#874, by @yomimono)
make homepage in opam files consistent (#872, by @djs55)
the released version of
(#870 by @hannesm)
remove macOS < yosemite support (#860 by @hannesm)
cohttp-mirage(#863 by @djs55)
opam: require OCaml 4.04.2+ (#867 by @hannesm)
Allow runtime configuration of syslog via config keys
--syslog-hostname(#853 via @hannesm).
Switch build of tool and libraries to Jbuilder (by @samoht)
Fix a warning when connecting to a ramdisk device (#837 by @g2p)
Fix reference to tar library when using
--kv-ro archive(#848 by @mor1)
Adapt to latest functoria API (#849 by @samoht)
--gdbargument for ukvm targets so that debuggers can be attached easily.
mirage configure --gdb -t ukvmto work (@ricarkol in #847).
Adapt to latest functoria (#849 by @samoht)
Adapt to latest charrua, tcpip (#854 by @yomimono)
Switch to jbuilder (#850 by @samoht)
Packaging updates for latest opam repository:
ARP is compatible with MirageOS3 since 0.2.0 (#851 by @hannesm)
add a --block configure flag for picking ramdisk or file-backed disk
add lower bounds on packages
fallback to system
update for mirage-qubes-ipv4
restore ocamlbuild colors when
TERM <> dumb && Unix.isatty stdout(#814, by @hannesm)
remove "-color always" from ocamlbuild invocation (bugfix for some scripts interpreting build output) (#811, by @hannesm)
provide a "random" module argument when invoking IPv6.Make (compat with tcpip 3.1.0) (#801, by @hannesm)
add a "depends" target to the generated Makefile (controversial and may be removed) (#805, by @yomimono)
allow qubesdb to be requested in config.ml when the target is xen (#807, by @talex5)
rename module types modules: V1 -> Mirage_types, V1_LWT -> Mirage_types_lwt (#766, by @yomimono, @samoht, and @hannesm)
split type signatures and error printers into separate libraries (#755, #753, #752, #751, #764, and several others, by @samoht and @yomimono)
use mirage-fs instead of ocaml-fat to transform FS into KV_RO (#756, by @samoht)
changes to simplify choosing an alternate ARP implementation (#750, by @hannesm)
add configurators for syslog reporter (#749, by @hannesm)
filter incoming boot-time arguments for all Xen backends, not just QubesOS (#746, by @yomimono)
give mirage-types-lwt its own library, instead of a mirage-types sublibrary called lwt (#735, by @hannesm)
Format_unknownerror from FS module type (#733, by @djs55)
ocamlify FAT name (#723 by @yomimono)
errorfrom DEVICE module type (#728, by @hannesm)
UDP requires random for source port randomization (#726 by @hannesm)
drop "mir-" prefix from generated binaries (#725 by @hannesm)
BLOCK and FS uses result types (#705 by @yomimono)
depext fixes (#718 by @mato)
workflow changes: separate configure, depend, build phases, generate opam file during configure (#703, #711 by @hannesm)
tap0 is now default_network (#715, #719 by @yomimono, @mato)
ARP uses result types (#711 by @yomimono)
ipv4 key (instead of separate ip and netmask) (#707, #709 by @yomimono)
CHANNEL uses result types (#702 by @avsm)
no custom myocamlbuild.ml, was needed for OCaml 4.00 (#693 by @hannesm)
revert custom ld via pkg-config (#692 by @hannesm)
result types for FLOW and other network components (#690 by @yomimono)
is_xenkey (#682, by @hannesm)
mirage-clock-xen is now mirage-clock-freestanding (#684, by @mato)
mirage-runtime is a separate opam package providing common functionality (#681, #615 by @hannesm)
qubestarget for making Xen unikernels which boot & configure themselves correctly on QubesOS. (#553, by @yomimono)
revised V1.CONSOLE interface: removed log, renamed log_s to log (#667, by @hannesm)
remove Str module from OCaml runtime (#663, in ocaml-freestanding and mirage-xen-ocaml, by @hannesm)
new configuration time keyword: prng to select the default prng (#611, by @hannesm)
fail early if tracing is attempted with Solo5 (#657, by @yomimono)
refactor ipv4, stackv4, and dhcp handling (#643, by @yomimono)
create xen-related helper files only when the target is xen (#639, by @hannesm)
improvements to nocrypto handling (#636, by @pqwy)
disable warning #42 in generated code for unikernels (#633, by @hannesm)
V1.NETWORK functions return a Result.t rather than polyvars indicating success or errors (#615, by @hannesm)
remove GNUisms and unnecessary artifacts from build (#623, #627, by @mato and @hannesm)
DEVICEmodule type. (#612, by @yomimono and @talex5)
revise the RANDOM signature to provide n random bytes; provide nocrypto_random and stdlib_random (#551 and #610, by @hannesm)
directas an option for
kv_ro. (#607, by @mor1)
memfunction in KV_RO, and add
Failureerror variant (#606, by @yomimono)
connectfunctions are no longer expected to return polyvars, but rather to raise exceptions if
connectfails and return the value directly. (#602, by @hannesm)
new documentation using
odig(#591, #593, #594, #597, #598, #599, #600, and more, by @avsm)
change build system to
oasis. (#558, #590, #654, #673, by @avsm, @samoht, @hannesm, @dbuenzli)
express io-page dependency of crunch. (#585, by @yomimono and @mato)
deprecate the CLOCK module type in favor of PCLOCK (POSIX clock) and
MCLOCK (a monotonically increasing counter of elapsed nanoseconds).
(#548 and #579, by @mattgray and @yomimono)
emit an ocamlfind predicate that matches the target, reducing the
amount of duplication by target required of library authors
(#568, by @pqwy)
is_unixkey (#575, by @mato)
use an int64 representing nanoseconds as the argument for
instead of a float representing seconds. (#547, by @hannesm)
expose new targets
by @djwillia, @mato, and @hannesm).
remove users of
base_context, which includes command-line arguments
add_to_opam_packages. As a side effect, fix a long-standing error message
bug when invoking
config.mlthat does not build.
(#560, by @yomimono)
libgcc.aonly on ARM & other build improvements (#544, by @hannesm)
allow users to use
crunchon unix with
kv_ro; clean up crunch .mlis on
clean (#556, by @yomimono)
remove console arguments to network functors (#554, by @talex5 and @yomimono)
standardize ip source and destination argument names as
source and destination ports as
dst_port(#546, by @yomimono)
a large number of documentation improvements (#549, by @djs55)
pseudoheaderfunction for IP module types. (#541, by @yomimono)
always build with
ocamlbuild -r, to avoid repetitive failure message
(#537, by @talex5)
Warn users of command-line arguments
--xenthat support for
these will soon be dropped. Instead, use
(#561, by @yomimono)
Warn users of functions
add_to_ocamlfind_libraries lthat support for these will soon be dropped.
respectively. (#561, by @yomimono).
Add logging support. A new
available. This parameter defines how to configure the log reporter,
Mirage_logs. Log reporters can also be configured
at configuration AND runtime using on the new
command-line argument. (#534, by @samoht, @talex5 and @Drup)
Allow to disable command-line parsing at runtime. There is a new
argvparameter to the
registerfunction to allow to pass custom
command-line argument parsing devices. Use
to disable command-line argument parsing. (#493, by @samoht and @Drup)
Define an ICMP and ICMPV4 module type. ICMPV4 is included in, and
surfaced by, the STACKV4 module type. The previous default behavior
of the IPv4 module with respect to ICMP is preserved by STACKV4 and
the tcpip_stack_direct function provided by mirage. (#523, by
Explicitly require OCaml compiler version 4.02.3 in opam files for
mirage-types and mirage.
Fix another regression introduced in 2.7.1 which enable
-warn-errorby default. This is now controlled by a
mirage configure. Currently it's
default value is [false] but this might change in future
Fix regression introduced in 2.7.1 which truncates the ouput of
opam installand breaks
opam depext(#519, by @samoht)
Improve the Dockerfile (#507, by @avsm)
Use Astring (by @samoht)
Clean-up dependencies automatically added by the tool
do not require
should make the default unikernels camlp4-free (#510, #515 by @samoht)
mirage-platform(#512, by @talex5)
Turn on more warnings and enable "warning as errors".
Check that the OCaml compiler is at least 4.02.3 (by @samoht)
The mirage tool is now based on functoria. (#441 #450, by @drup @samoht)
See https://mirage.io/blog/introducing-functoria for full details.
Command line interface: The config file must be passed with the -f option
(instead of being just an argument).
Two new generic combinators are available, generic_stack and generic_kv_ro.
get_modeis deprecated. You should use keys instead. And in particular
add_to_opam_packagesare deprecated. Both
registerfunctions now accept the
~packagesarguments to specify library dependencies.
If you were using
tlswithout the conduit combinator, you will be
greeted during configuration by a message like this:
The "nocrypto" library is loaded but entropy is not enabled!
Please enable the entropy by adding a dependency to the nocrypto device.
You can do so by adding ~deps:[abstract nocrypto] to the arguments of Mirage.foreign.
Data dependencies (such as entropy initialization) are now explicit. In order to fix this, you need to declare the dependency like so: ```ocaml open Mirage let my_functor = let deps = [abstract nocrypto] in foreign ~deps "My_Functor" (foo @-> bar)
My_functor.start will now take an extra argument for each
dependencies. In the case of nocrypto, this is
nat-script.shfrom the scripts directory, to be available
as an external script.
Xen: improve the .xl file generation. We now have
name.xl: this has sensible defaults for everything including the
network bridges and should "just work" if used on the build box
name.xl.in: this has all the settings needed to boot (e.g. presence of
block and network devices) but all the environmental dependencies are
represented by easily-substitutable variables. This file is intended for
production use: simply replace the variables for the paths, bridges, memory
sizes etc. and run
xl createas before.
Better ARP support. This needs
mirage-tcpip.2.6.0(#419, by @yomimono)
Provide noop configuration for default_time (#435, by @yomimono)
Mirage.archive_of_filesto support attaching files
via a read-only tar-formatted BLOCK (#432, by @djs55)
Add a .merlin file (#428, by @Drup)
V1_LWT.FS.page_aligned_buffer = Cstruct.t
Change the type of the
Mirage.http_servercombinator. The first argument
(the conduit server configuration) is removed and should now be provided
at compile-time in
unikernel.mlinstead of configuration-time in
(* [config.ml] )
( in 2.4 ) let http = http_server (
TCP (Port 80)) conduit
( in 2.5 *) let http = http_server conduit
(* [unikernel.ml] )
let start http =
( in 2.4 ) http (S.make ~conn_closed ~callback ())
( in 2.5 *) http (`TCP 80) (S.make ~conn_closed ~callback ())
Change the type of the
Previously, it took an optional
vchanimplementation, an optional
tlsimmplementation and an optional
it simply takes a
stackv4implementation and a boolean to enable
or disable the
tlsstack. Users who want to continue to use
conduitshould now use the
unikernel.mlinstead of the combinators in
enable the TLS stack:
(* [config.ml] *)
let conduit = conduit_direct ~tls:true (stack default_console)
(* [unikernel.ml] *)
module Main (C: Conduit_mirage.S): struct
let start conduit =
C.listen conduit (
TLS (tls_config, TCP 443)) callback
V1_LWT.ENTROPY. The entropy is now
handled directly by
nocrypto.0.4.0and the mirage-tool is only responsible to
Mirage.vchan_default. Vchan users need to adapt their code to directly
Vchanfunctors instead of relying on the combinators.
Fix misleading "Compiling for target" messages in
(#408 by @lnmx)
--no-depextto disable the automatic installation of opam depexts (#402)
@name/filefindlib's extended name syntax in
@nameis expanded to
Modernize the Travis CI scripts
Add time and clock parameters to IPv4 (#362, patch from @yomimono)
Conduit now takes an optional TLS argument, allowing servers to support
Add the ability to specify
Makefile.userto extend the generated
cleanare now extensible make
mirage runcommand (#379)
opam depextwhen configuring (#373)
Add opam files for
update-doctarget to the Makefile to easily update the online
documentation at http://mirage.github.io/mirage/
IO_PAGEmodule type from
V1. This has now moved into the
V1module types. When a module is
functorised over a
DEVICEit should only have the ability to
use devices it is given, not to connect to new ones. (#150)
V1module types to allow for
generic handling of errors. (#346)
IP.uipaddras a universal IP address type. (#361)
entropyversion 0.2+ interfaces. (#359)
Check that the
opamcommand is at least version 1.2.0 (#355)
Don't put '-classic-display' in the generated Makefiles. (#364)
Fix logging errors when
mirageoutput is not redirected. (#355)
Do not reverse the order of C libraries when linking. This fixes Zarith
linking in Xen mode. (#341).
Fix typos in command line help. (#352).
Add IPv6 support. This alters some of the interfaces that were previously
hardcoded to IPv4 by generalising them. For example:
type 'a ip
type ipv4 = v4 ip
type ipv6 = v6 ip
Full support for configuring IPv6 does not exist yet, as this release is
intended for getting the type definitions in place before adding configuration
Do not reuse the Unix linker options when building Xen unikernels. Instead,
get the linker options from the ocamlfind
tcpip.2.1.0for a library that does this for a C binding.
Only activate MacOS X compilation by default on 10.10 (Yosemite) or higher.
Older revisions of MacOS X will use the generic Unix mode by default, since
vmnetframework requires Yosemite or higher.
Do not run crunched filesystem modules through
camlp4, which significantly
speeds up compilation on ARM platforms (from minutes to seconds!) (#299).
Add specific support for
MacOSXas a platform, which enables network bridging
on Yosemite (#329). The
--unixflag will automatically activate the new target
if run on a MacOS X host. If this breaks for you due to being on an older version of
MacOS X, then use the new
--targetflag to set either Unix, MacOSX or Xen to the
mirage.runtimefindlib library and corresponding Mirage_runtime module (#327).
If net driver in STACKV4_direct can't initialize, print a helpful error (#164).
[xen]: fixed link order in generated Makefile (#322).
Lwt.tracinginstructions work for Fish shell too by improving quoting (#328).
register ~tracingto enable tracing with mirage-profile at start-up (#321).
Update Dockerfile for latest libraries (#320).
Only build mirage-types if Io_page is also installed (#324).
[types]: backwards incompatible change: CONSOLE is now a FLOW;
'write' has a different signature and 'write_all' has been removed.
Set on_crash = 'preserve' in default Xen config.
Automatically install dependencies again, but display the live output to the
Include C stub libraries in linker command when generating Makefiles for Xen.
*.xescript which can upload a kernel to a XenServer.
Generate a libvirt
*.xmlconfiguration file (#292).
Fix determination of
mirage-xenlocation for paths with spaces (#279).
Correctly show config file locations when using a custom one.
Fix generation of foreign (non-functor) modules (#293)
The Mirage frontend tool now generates a Makefile with a
target, instead of directly invoking OPAM as part of
This greatly improves usability on slow platforms such as ARM, since the
output of OPAM as it builds can be inspected more easily. Users will now
need to run
make depend to ensure they have the latest package set,
before building their unikernel with
make as normal.
Improve format of generated Makefile, and also colours in terminal output.
make dependtarget to generated Makefile.
OPAMYESin the Makefile, which can be overridden.
ENTROPYdevice type for strong random sources (#256).
Build OPAM packages in verbose mode by default.
travis: build mirage-types from here, rather than 1.1.0.
Improvement to the Amazon EC2 deployment script.
[types] Augment STACKV4 with an IPV4 module in addition to TCPV4 and UDPV4.
Regenerate with OASIS 0.4.4 (which adds natdynlink support)
Man page fixes for typos and terminology (#220).
Activate backtrace recording by default (#225).
Fixes in the
V1.STACKV4to expose UDPv4/TCPv4 types properly (#226).
Add a combinator interface to device binding that makes the functor generation
significantly more succinct and expressive. This breaks backwards compatibility
config.mlfiles from the 1.0.x branches.
types. This is built as a separate
library from the command-line tool, via the
Add default build tags for annot, bin_annot, principal and strict_sequence.
Do not remove OPAM packages when doing
[xen] generate a simple main.xl, without block devices or network interfaces.
The HTTP dependency now also installs
Fix generated Makefile dependency on source OCaml files to rebuild reliably.
Fat_KV_RO(a read-only k/v version of the FAT filesystem).
KV_ROnow passes through to the underlying filesystem instead of calling
KV_ROconfiguration for OPAM autoinstall.
Add more examples to the FAT filesystem test case.
Adapt the latest library releases for Mirage 1.0 interfaces.
Complete API rewrite
[xen] XL configuration phase is now created during configure phase, was during run phase.
Generate code that uses the
Ipaddr.V4interface instead of
fix unix-direct by linking the unix package correctly (previously it was always dropped).
completely remove the dependency on obuild: use ocamlbuild everywhere now.
adapt for mirage-0.9.3 OS.Netif interfaces (abstract type
do not output network config when there are no
ip-*lines in the
do not try to install
mirage-fsif there is no filesystem to create.
nat-script.shto setup xenbr0 with DNS, DHCP and masqerading under Linux.
build using ocamlbuild rather than depending on obuild.
[xen] generate a symbol that can be used to produce stack traces with xenctx.
mirari run --socket just runs the unikernel without any tuntap work.
mirari run --xen creates a xl config file and runs
xl create -c unikernel.xl.
--socketflag to activate socket-based networking (UNIX only).
Do not use OPAM compiler switches any more, as that's done in the packaging now.
Use fd-passing in the UNIX backend to spawn a process.
obuildautomatically in all compiler switches (such as Xen).
Only create symlinks to
mir-foofor a non-Xen target.
Add the autoswitch feature via
mirari --switch=<compiler>or the config file.
Fix Xen symlink upon build.
mirari configureto prevent invoking OPAM automatically.
mirage-fspackage if a filesystem crunch is requested.
Remove the need for
mir-runby including the final Xen link directly in Mirari.
Add support for building Xen variants.
Initial import of a unix-direct version.