From nobody Sun Feb  8 19:24:53 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.133.124 as permitted sender) client-ip=170.10.133.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1669630245; cv=none;
	d=zohomail.com; s=zohoarc;
	b=i+SPsM8QkgWbfV9q1bnBkpT7AlKlEhf8XN6xhTAT4PiljX+0VhSJy+JDmp/RXMk9zrEkllwviRC/t+Xgtu5jgEYMqMqa4a+Ho5BbEQB5kApw03eE+H5ZJ/1fVMwOLfaA6eQflrLjb0cz1PTtjXkyO0N4HxIi0a0rFw0yhnkepnQ=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1669630245;
 h=Content-Type:Content-Transfer-Encoding:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To;
	bh=kNcWLA5oy6YqaHs5pEojsfOjTzuwswUpbXUQB/PIBWw=;
	b=H5YYRUAuozgPEnadh0jkS/RQVOXI8OjWLMPuAlsdSxdU7HfCdSfTEBcyGpafPNBbJn4F6iXectihHv6cVxoSzeA/zSQE5QmFIjdJWFd1MWUxZCh7O020cBUOU67JrpM4wNHtjRnS1asR7ZKpJaF0pvIdjYMmSehDhIgMX7o3Y+Q=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<pkrempa@redhat.com> (p=none dis=none)
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com
	with SMTPS id 1669630245037850.547264007895;
 Mon, 28 Nov 2022 02:10:45 -0800 (PST)
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-344-ob8giVsmMWSYz3vkffMw4w-1; Mon, 28 Nov 2022 05:10:41 -0500
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com
 [10.11.54.7])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 32368806002;
	Mon, 28 Nov 2022 10:10:39 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id F07861415100;
	Mon, 28 Nov 2022 10:10:35 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com
 (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id B0A461946589;
	Mon, 28 Nov 2022 10:10:35 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com
 [10.11.54.5])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 0BC871946588 for <libvir-list@listman.corp.redhat.com>;
 Mon, 28 Nov 2022 10:10:34 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id ED40918EB4; Mon, 28 Nov 2022 10:10:33 +0000 (UTC)
Received: from speedmetal.redhat.com (ovpn-208-20.brq.redhat.com
 [10.40.208.20])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 2A6571759E
 for <libvir-list@redhat.com>; Mon, 28 Nov 2022 10:10:32 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1669630244;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=kNcWLA5oy6YqaHs5pEojsfOjTzuwswUpbXUQB/PIBWw=;
	b=TuogpPRcAf/mCRezjJgd4P2Hyor5vnozJVwIXUVG+mVc2z7M/LmTmkrCpksqak2tcI3kl8
	QyK5G7PqXvjaKbeSxTKlNLIxkn9eq7cUwlmbokM688o0ac3QCS5eAd9K1Id/SXAy9TouB2
	xnOXJP5WPO0fRVNSJIXUQOdQSb5wdP8=
X-MC-Unique: ob8giVsmMWSYz3vkffMw4w-1
X-Original-To: libvir-list@listman.corp.redhat.com
From: Peter Krempa <pkrempa@redhat.com>
To: libvir-list@redhat.com
Subject: [PATCH] NEWS: Update for 8.10.0
Date: Mon, 28 Nov 2022 11:10:31 +0100
Message-Id: 
 <3a31eaa1f1b4d7c1b2498682e96e3c4e6f00f6df.1669630231.git.pkrempa@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/libvir-list/>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
 <mailto:libvir-list-request@redhat.com?subject=subscribe>
Errors-To: libvir-list-bounces@redhat.com
Sender: "libvir-list" <libvir-list-bounces@redhat.com>
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
X-ZM-MESSAGEID: 1669630246958100001
Content-Type: text/plain; charset="utf-8"

Mention 'virt-qemu-sev-validate', SGX EPC, vTPM migration, cpu flag
additions and other notable changes in this release.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: J=C3=A1n Tomko <jtomko@redhat.com>
---
 NEWS.rst | 75 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 75 insertions(+)

diff --git a/NEWS.rst b/NEWS.rst
index 2ce8ef4b6a..c119d68da6 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -17,10 +17,85 @@ v8.10.0 (unreleased)

 * **New features**

+  * Tool for validating SEV firmware boot measurement of QEMU VMs
+
+    The ``virt-qemu-sev-validate`` program will compare a reported SEV/SEV=
-ES
+    domain launch measurement, to a computed launch measurement. This
+    determines whether the domain has been tampered with during launch.
+
+  * Support for SGX EPC (enclave page cache)
+
+    Users can add a ``<memory model=3D'sgx-epc'>`` device to lauch a VM wi=
th
+    ``Intel Software Guard Extensions``.
+
+  * Support migration of vTPM state of QEMU vms on shared storage
+
+    Pass ``--migration`` option if appropriate in order for ``swtpm`` to
+    properly migrate on shared storage.
+
 * **Improvements**

+  * Mark close callback (un-)register API as high priority
+
+    High priority APIs use a separate thread pool thus can help in elimina=
ting
+    problems with stuck VMs. Marking the close callback API as high priori=
ty
+    allows ``virsh`` to properly connect to the daemon in case the normal
+    priority workers are stuck allowing other high priority API usage.
+
+  * Updated x86 CPU features
+
+    The following features for the x86 platform were added:
+    ``v-vmsave-vmload``, ``vgif``, ``avx512-vp2intersect``, ``avx512-fp16`=
`,
+    ``serialize``, ``tsx-ldtrk``, ``arch-lbr``, ``xfd``, ``intel-pt-lip``,
+    ``avic``, ``sgx``, ``sgxlc``, ``sgx-exinfo``, ``sgx1``, ``sgx2``,
+    ``sgx-debug``, ``sgx-mode64``, ``sgx-provisionkey``, ``sgx-tokenkey``,
+    ``sgx-kss``, ``bus-lock-detect``, ``pks``, ``amx``.
+
+  * Add support for ``hv-avic`` Hyper-V enlightenment
+
+    ``qemu-6.2`` introduced support for the ``hv-avic`` enlightenment which
+    allows to use Hyper-V SynIC with hardware APICv/AVIC enabled.
+
+  * qemu: Run memory preallocation with numa-pinned threads
+
+    Run the thread allocating memory in the proper NUMA node to reduce ove=
rhead.
+
+  * RPM packaging changes
+
+    - add optional dependancy of ``libvirt-daemon`` on ``libvirt-client``
+
+      The ``libvirt-guests.`` tool requires the ``virsh`` client to work
+      properly, but we don't want to require the installation of the daemon
+      if the tool is not used.
+
+    - relax required ``python3-libvirt`` version for ``libvirt-client-qemu=
``
+
+      The ``virt-qemu-qmp-proxy`` tool requires python but doesn't strictly
+      need the newest version. Remove the strict versioning requirement in
+      order to prevent cyclic dependency when building.
+
 * **Bug fixes**

+  * Skip initialization of ``cache`` capabilities if host doesn't support =
them
+
+    Hypervisor drivers would fail to initialize on ``aarch64`` hosts with
+    following error ::
+
+      virStateInitialize:657 : Initialisation of cloud-hypervisor state dr=
iver failed: no error
+
+    which prevented the startup of the daemon.
+
+  * Allow incoming connections to guests on routed networks w/firewalld
+
+    A change in handling of implicit rules in ``firewalld 1.0.0`` broke
+    incomming connections to VMs when using ``routed`` network. This is fi=
xed
+    by adding a new ``libvirt-routed`` zone configured to once again allow
+    incoming sessions to guests on routed networks.
+
+  * Fix infinite loop in nodedev driver
+
+    Certain udev entries might be of a size that makes libudev emit EINVAL
+    which caused a busy loop burning CPU. Fix it by ignoring the return co=
de.

 v8.9.0 (2022-11-01)
 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--=20
2.38.1