** Description changed: Cloud Hypervisor is an open-source Virtual Machine Monitor (VMM) that runs on top of KVM. It is built on top of the rust-vmm project and focuses on running modern cloud workloads on a narrow set of hardware architectures and platforms (x86_64 and aarch64). Cloud and container - workloads are its primary targets, emphasising simplicity, security, - and minimal attack surface over legacy device emulation. + workloads are its primary targets, emphasising simplicity, security, and + minimal attack surface over legacy device emulation. URL: https://github.com/cloud-hypervisor/cloud-hypervisor License: Apache-2.0 OR BSD-3-Clause (upstream), vendored crates under various DFSG-free licenses PPA: https://launchpad.net/~gjolly/+archive/ubuntu/cloud-hypervisor Notes: This package is submitted directly to Ubuntu rather than going through Debian because cloud-hypervisor is a Rust application with ~293 - transitive crate dependencies (per Cargo.lock). Packaging it the - Debian way would require individually packaging each crate via - debcargo, which is impractical given the volume and the fact that many - of these crates (rust-vmm ecosystem: vm-memory, vhost, kvm-ioctls, - etc.) have no other consumers in Debian. For this reason, all Rust - dependencies are vendored into a separate orig tarball. + transitive crate dependencies (per Cargo.lock). Packaging it the Debian + way would require individually packaging each crate via debcargo, which + is impractical given the volume and the fact that many of these crates + (rust-vmm ecosystem: vm-memory, vhost, kvm-ioctls, etc.) have no other + consumers in Debian. For this reason, all Rust dependencies are vendored + into a separate orig tarball. - The package builds for amd64, arm64, and riscv64. Two patches on top - of upstream 52.0 were needed for riscv64: one fixes missing - imports/cfg coverage for the RISC-V UEFI loader and migration timing - code (upstream commit 1e18716fbdc0), the other permits readlinkat and - unlinkat in the riscv64 seccomp filters so the hypervisor is not - killed by its own seccomp policy at runtime (upstream commit - 7d1321515cac). Both are already merged upstream and can be dropped - once a newer upstream release is available. + The package builds for amd64, arm64, and riscv64. Two patches on top of + upstream 52.0 were needed for riscv64: one fixes missing imports/cfg + coverage for the RISC-V UEFI loader and migration timing code (upstream + commit 1e18716fbdc0), the other permits readlinkat and unlinkat in the + riscv64 seccomp filters so the hypervisor is not killed by its own + seccomp policy at runtime (upstream commit 7d1321515cac). Both are + already merged upstream and can be dropped once a newer upstream release + is available. - It builds and installs cleanly from the PPA linked above. - Lintian (lintian -iIE --pedantic --profile ubuntu) reports no errors - or warnings, only minor informational tags. + It builds and installs cleanly from the PPA linked above. Lintian + (lintian -iIE --pedantic --profile ubuntu) on the binary package reports + no errors or warnings, only minor informational tags. The source package + passes lintian with no errors or warnings but required a few overrides + because of the vendor directory. Some of these overrides should probably + be addressed by removing binary test files from the vendor directory but + require a lot of extra work and doesn't seem worth it for now. The package includes autopkgtests that verify a kernel can be booted under cloud-hypervisor. Upstream maintains OBS-based packaging for .deb and .rpm at: - https://github.com/cloud-hypervisor/obs-packaging/tree/main/cloud-hypervisor/deb + https://github.com/cloud-hypervisor/obs-packaging/tree/main/cloud- + hypervisor/deb Two differences with the upstream OBS packaging worth noting: - - The OBS package sets cap_net_admin+ep on the cloud-hypervisor - binary so unprivileged users in the kvm group can launch VMs with - networking. This Ubuntu package does not set that capability for - now, but I am open to adding it if reviewers consider it - acceptable. + - The OBS package sets cap_net_admin+ep on the cloud-hypervisor binary + so unprivileged users in the kvm group can launch VMs with networking. + This Ubuntu package does not set that capability for now, but I am open + to adding it if reviewers consider it acceptable. - - The OBS package also ships vhost_user_block and vhost_user_net - helper binaries. This Ubuntu package omits them as they are not - strictly needed for core VMM operation, but I am open to - reconsidering if there is demand for them. + - The OBS package also ships vhost_user_block and vhost_user_net helper + binaries. This Ubuntu package omits them as they are not strictly needed + for core VMM operation, but I am open to reconsidering if there is + demand for them.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2158959 Title: [needs-packaging] cloud-hypervisor To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2158959/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
