|
| 1 | +:::{note} |
| 2 | +**AI Translation Notice** |
| 3 | + |
| 4 | +This document was automatically translated by `hunyuan-turbos-latest` model, for reference only. |
| 5 | + |
| 6 | +- Source document: community/ChangeLog/V0.3.x/V0.3.0.md |
| 7 | + |
| 8 | +- Translation time: 2025-11-19 17:00:11 |
| 9 | + |
| 10 | +- Translation model: `hunyuan-turbos-latest` |
| 11 | + |
| 12 | +Please report issues via [Community Channel](https://github.com/DragonOS-Community/DragonOS/issues) |
| 13 | + |
| 14 | +::: |
| 15 | + |
| 16 | +# V.3.0 |
| 17 | + |
| 18 | +> Release Date: 2025-11-20 |
| 19 | +
|
| 20 | +## Key Highlights |
| 21 | + |
| 22 | +### Breakthrough in Linux Compatibility |
| 23 | +- **Passed 275 Linux compatibility test cases**, with continuous tracking of test results available at [ci-dashboard.dragonos.org](https://ci-dashboard.dragonos.org) |
| 24 | +- Introduced automated testing suite for gVisor Linux system calls, enabling real-time tracking of kernel behavior and Linux compatibility with every commit/merge |
| 25 | +- Achieved compatibility with multiple gVisor system call tests, bringing kernel behavior closer to Linux |
| 26 | + |
| 27 | +### Significant Enhancement in Container-Native Capabilities |
| 28 | +- **Namespace Support**: Improved UTS, IPC, and mnt namespaces, supporting `unshare` operations, aligning container isolation boundaries and permission models with the Linux mainline |
| 29 | +- **Permissions and Capabilities**: Fixed `capset/capget` system calls and `sethostname/domainname`, enhancing container identity management |
| 30 | +- **Filesystem Enhancements**: Added six xattr system calls, `SYS_PWRITEV`, `truncate`, and path traversal/directory switching permission checks, ensuring controllable container image builds and file mounts |
| 31 | +- **Network Subsystem Restructuring**: Completely new network subsystem implementation offering better Linux compatibility and extensibility; bridge network support for multi-tenant and edge node scenarios |
| 32 | +- **Operations Tools**: Dropbear SSH server support for out-of-the-box usability in lightweight cloud-native scenarios |
| 33 | + |
| 34 | +### Improved Multi-threading Stability |
| 35 | +- A series of changes including thread group exit mechanisms, PI futex, and `prctl(PR_SET_PDEATHSIG/PR_SET_NAME)`, bringing lifecycle control of complex processes closer to the Linux mainline |
| 36 | +- Go language example programs demonstrating DragonOS best practices in multi-threaded scenarios |
| 37 | +- Thorough fixes for historical issues such as vfork, CLONE_PARENT_SETTID, signal frames, FP states, etc. |
| 38 | + |
| 39 | +### Comprehensive Expansion of System Calls |
| 40 | +Added support for 10+ new system call interfaces, including: |
| 41 | +- `waitid`, `rt_sigtimedwait`, `setitimer/getitimer`, `clock_nanosleep`, `tgkill/tkill` |
| 42 | +- `SYS_GETCPU`, `SYS_PWRITEV`, `truncate` |
| 43 | +- Six xattr-related system calls, `capset/capget` |
| 44 | +- `clone3`, `get_mempolicy`, `mincore` |
| 45 | + |
| 46 | +## Version Overview |
| 47 | +- **Kernel Features**: Enhanced scheduling/signal chains including thread group exit, PI futex, PR_SET_PDEATHSIG/PR_SET_NAME, SYS_GETCPU, waitid, rt_sigtimedwait, setitimer/getitimer, clock_nanosleep |
| 48 | +- **Memory and Synchronization**: VM_DONTCOPY flag, mincore, RLIMIT_FSIZE, resource limit framework, user-space access protection for exception tables, 10+ futex subsystem fixes/restructurings |
| 49 | +- **Filesystem and Namespaces**: Introduced `pwritev`, `truncate`, six xattr system calls, path permission checks, UTS/mnt/IPC namespaces, capset/capget, /proc improvements |
| 50 | +- **Platform and Network**: x86 kexec+initram, VF2 RISC-V adaptation, bridge networking, large-scale network stack restructuring, Dropbear SSH server, Go user-space demonstrations and toolchain improvements |
| 51 | +- **Engineering Efficiency**: CI container upgrades, test upload and monitoring, gVisor/FreeBSD bootstrap support, Nix-shell toolchain version locking |
| 52 | + |
| 53 | +## Detailed Changes |
| 54 | + |
| 55 | +### 1. Threads and Signals: Aligning with Linux Behavior |
| 56 | +- New PRCTL options, alternate signal stack copying, cloning/waiting semantics completion, `waitid`/job control, resource limit (rlimit) framework and RLIMIT_FSIZE checks (#_translated_label__1386_en, #_translated_label__1363_en, #_translated_label__1362_en, #_translated_label__1333_en, #_translated_label__1300_en, #_translated_label__1312_en) |
| 57 | +- `setitimer/getitimer`, `clock_nanosleep`, `tgkill/tkill` and other timer/signal routing completions; fs/gs user-space validation, `clone3` + `/proc/cpuinfo`, `PR_SET_PDEATHSIG` support, improving ABI compatibility (#_translated_label__1377_en, #_translated_label__1307_en, #_translated_label__1336_en, #_translated_label__1299_en) |
| 58 | +- Numerous signal/thread-related fixes: vfork, CLONE_PARENT_SETTID, signal frames, FP states, sys_sigaction/sigprocmask, /proc/self/exe links, addressing compatibility and stability issues (#_translated_label__1358_en, #_translated_label__1342_en, #_translated_label__1357_en, #_translated_label__1356_en, #_translated_label__1347_en, #_translated_label__1359_en) |
| 59 | + |
| 60 | +### 2. Futex & Memory: Revamped Synchronization Stack |
| 61 | +- PI futex, shared key generation restructuring, robust futex race fixes, wake op compatibility, parameter validation, futex test enablement, forming a more complete futex behavior matrix (#_translated_label__1373_en, #_translated_label__1376_en, #_translated_label__1374_en, #_translated_label__1372_en, #_translated_label__1371_en, #_translated_label__1326_en, #_translated_label__1321_en, #_translated_label__1320_en, #_translated_label__1311_en, #_translated_label__1276_en, #_translated_label__d5158a0_en, #_translated_label__e85d1cd_en) |
| 62 | +- **Memory Management Improvements**: VM_DONTCOPY flag, exception table-driven secure user-space access, mincore, madvise/msync boundary fixes, anonymous shared page synchronization, buddy allocator deadlock & boundary checks, etc. (#_translated_label__1383_en, #_translated_label__1349_en, #_translated_label__1334_en, #_translated_label__1301_en, #_translated_label__1258_en, #_translated_label__1345_en, #_translated_label__1334_en, #_translated_label__1361_en, #_translated_label__1280_en) |
| 63 | +- **Resource Limits**: Rlimit framework integration with RLIMIT_FSIZE, `get_mempolicy`, `clone3`, and `/proc/cpuinfo`, enhancing resource observation and limitation capabilities (#_translated_label__1300_en, #_translated_label__1312_en, #_translated_label__1299_en) |
| 64 | + |
| 65 | +### 3. Containers and Namespaces: Built for Cloud-Native |
| 66 | +- **Network Subsystem Restructuring**: Implemented a completely new network subsystem offering better Linux compatibility and extensibility (#_translated_label__977_en) |
| 67 | +- **Filesystem Enhancements**: `SYS_PWRITEV`, `truncate`, path traversal/directory switching permission checks, `mknodat`/fatfs deadlock fixes, `syncfs`/`openat`/`unlinkat`/`lseek` behavior corrections, ensuring filesystem semantic consistency (#_translated_label__1322_en, #_translated_label__1308_en, #_translated_label__1348_en, #_translated_label__1346_en, #_translated_label__1369_en, #_translated_label__1355_en, #_translated_label__1344_en) |
| 68 | +- **Namespace Support**: Extended attributes with six xattr system calls, `capset/capget`, UTS namespace, `setdomainname/sethostname` fixes, first version of IPC namespace, mntns `unshare`, improving namespaces and security isolation (#_translated_label__1248_en, #_translated_label__1293_en, #_translated_label__1268_en, #_translated_label__1298_en, #_translated_label__1288_en, #_translated_label__1262_en) |
| 69 | +- **Container Networking and Operations**: Bridge networking, network stack restructuring, Dropbear SSH server support, bringing DragonOS closer to truly running containers (#_translated_label__1287_en, #_translated_label__1295_en, #_translated_label__1304_en) |
| 70 | + |
| 71 | +### 4. Platforms and Devices: Leap in Deployability |
| 72 | +- x86 `kexec` + initram completed the loop, complemented by reboot syscall improvements, paving the way for fast switching and bootstrapping (#_translated_label__1303_en, #_translated_label__1157_en) |
| 73 | +- VF2 RISC-V platform adaptation, making DragonOS a viable option for domestic RISC-V scenarios (#_translated_label__1285_en) |
| 74 | +- SYS_GETCPU aligned with SMP syscall table, enabling more accurate multi-core scheduling and performance analysis (#_translated_label__1368_en, #_translated_label__1367_en) |
| 75 | +- Go language example programs demonstrating best practices in multi-threaded scenarios (#_translated_label__1387_en) |
| 76 | + |
| 77 | +### 5. Engineering Efficiency and Community: Time-Saving, Hassle-Free, Reusable |
| 78 | +- **CI and Testing**: Upgraded CI containers to v1.16, added test result uploads, syscall test monitoring, real-time stdout output, significantly accelerating issue localization (#_translated_label__1380_en, #_translated_label__1364_en, #_translated_label__1341_en, #_translated_label__15964250_en) |
| 79 | +- **Automated Testing**: Introduced automated testing suite for gVisor Linux system calls, enabling real-time tracking of kernel behavior and Linux compatibility with every commit/merge (#_translated_label__1306_en, #_translated_label__1271_en, #_translated_label__1371_en, #_translated_label__1296_en) |
| 80 | +- **Development Toolchain**: Nix-shell fixed Rust versions, FreeBSD bootstrap support, enabling external contributors to quickly reproduce the same environment (#_translated_label__40603716_en, #_translated_label__093388bd_en) |
| 81 | +- **Community and Documentation**: Multiple rounds of documentation translation updates, EdgeOne CDN sponsor information, README/supporter list refreshes (#_translated_label__1385_en, #_translated_label__1317_en, #_translated_label__1315_en, #_translated_label__1294_en, #_translated_label__1292_en, #_translated_label__1290_en, #_translated_label__1289_en, #_translated_label__1281_en) |
| 82 | + |
| 83 | +## Known Considerations |
| 84 | +- Recent extensive changes to the futex subsystem; it is recommended to focus on multi-threaded stress and robust list regression testing. |
| 85 | +- New kexec/initram and network restructuring involve the boot chain; custom hardware may require revalidation of boot scripts. |
| 86 | +- Namespace/rlimit-related syscalls require updates to user-space toolchains and tests to cover more boundaries. |
| 87 | + |
| 88 | +## Contributor Acknowledgments |
| 89 | +LoGin, kaleidoscope416, linfeng, Shenjie Yang, JingXuan_Wei, aLinChe, Huang Mingtao, Bruce.carrot93, Samuel Dai, Vitus, Yuming Jiang, Huo Hua, and 15 other partners jointly completed version 0.3.0. |
| 90 | + |
| 91 | +## References |
| 92 | +- **Linux Compatibility Test Dashboard**: [ci-dashboard.dragonos.org](https://ci-dashboard.dragonos.org) |
| 93 | +- **Community Repository**: [github.com/DragonOS-Community/DragonOS](https://github.com/DragonOS-Community/DragonOS) |
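Review bot: The heading at added line 16 reads `# V.3.0`, which drops a digit: the notice block names the source as `community/ChangeLog/V0.3.x/V0.3.0.md` and the acknowledgments at line 89 say "version 0.3.0", so it should be `# V0.3.0`. Separately, every change reference in Detailed Changes (added lines 56 to 81) is rendered as a token such as `#_translated_label__1386_en`, which looks like an unresolved placeholder from the translation step rather than a usable PR or commit link; these should be restored to the references used in the source document before merging. Line 62 also lists `#_translated_label__1334_en` twice in the same bullet, so one of the two is either a duplicate or a mistyped number.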