Public bug reported:

Cloud Hypervisor is an open-source Virtual Machine Monitor (VMM) that
runs on top of KVM. It is built on top of the rust-vmm project and
focuses on running modern cloud workloads on a narrow set of hardware
architectures and platforms (x86_64 and aarch64). Cloud and container
workloads are its primary targets, emphasising simplicity, security,
and minimal attack surface over legacy device emulation.

URL: https://github.com/cloud-hypervisor/cloud-hypervisor
License: Apache-2.0 OR BSD-3-Clause (upstream), vendored crates under various 
DFSG-free licenses
PPA: https://launchpad.net/~gjolly/+archive/ubuntu/cloud-hypervisor

Notes:

This package is submitted directly to Ubuntu rather than going through
Debian because cloud-hypervisor is a Rust application with ~293
transitive crate dependencies (per Cargo.lock). Packaging it the
Debian way would require individually packaging each crate via
debcargo, which is impractical given the volume and the fact that many
of these crates (rust-vmm ecosystem: vm-memory, vhost, kvm-ioctls,
etc.) have no other consumers in Debian. For this reason, all Rust
dependencies are vendored into a separate orig tarball.

The package builds for amd64, arm64, and riscv64. Two patches on top
of upstream 52.0 were needed for riscv64: one fixes missing
imports/cfg coverage for the RISC-V UEFI loader and migration timing
code (upstream commit 1e18716fbdc0), the other permits readlinkat and
unlinkat in the riscv64 seccomp filters so the hypervisor is not
killed by its own seccomp policy at runtime (upstream commit
7d1321515cac). Both are already merged upstream and can be dropped
once a newer upstream release is available.

It builds and installs cleanly from the PPA linked above.
Lintian (lintian -iIE --pedantic --profile ubuntu) reports no errors
or warnings, only minor informational tags.

The package includes autopkgtests that verify a kernel can be booted
under cloud-hypervisor.

Upstream maintains OBS-based packaging for .deb and .rpm at:
https://github.com/cloud-hypervisor/obs-packaging/tree/main/cloud-hypervisor/deb

Two differences with the upstream OBS packaging worth noting:

 - The OBS package sets cap_net_admin+ep on the cloud-hypervisor
   binary so unprivileged users in the kvm group can launch VMs with
   networking. This Ubuntu package does not set that capability for
   now, but I am open to adding it if reviewers consider it
   acceptable.

 - The OBS package also ships vhost_user_block and vhost_user_net
   helper binaries. This Ubuntu package omits them as they are not
   strictly needed for core VMM operation, but I am open to
   reconsidering if there is demand for them.

** Affects: ubuntu
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2158959

Title:
  [needs-packaging] cloud-hypervisor

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/2158959/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to