3.2.0.azl4

Release notes

• Use Azl3 as default for node builder recipes
• Addressed CVEs: CVE-2024-43806, CVE-2024-24786, CVE-2023-45288, CVE-2023-39325, CVE-2024-43806
• Improved agent logging verbosity
• Faster confidential pod startup
• Allow pods with larger memory requests to start by increasing the timeout for CreateVM
• Reduced memory usage for the guest image
• Improved memory overhead management
• Remove unused VMM options for memory allocation
• Assign a default number of vcpus (1) to the VM when no limits are given
• Added policy state support to agent

What's Changed

• tools: Align AGENT_POLICY_FILE check in rootfs-builder with upstream by @ms-mahuber in #244
• node-builder: Use Azure Linux 3 as default path by @ms-mahuber in #251
• libs:logging: Fix logger by @danmihai1 in #248
• Fix logging verbosity comment to accurately reflect clh behavior by @Camelron in #249
• node-builder: Deploy-only recipe for AzL3 VMs by @ms-mahuber in #254
• runtime: skip logging some of the dial errors by @danmihai1 in #253
• build(deps): bump rustix from 0.37.3 to 0.37.27 in /src/agent by @dependabot in #246
• build(deps): bump google.golang.org/protobuf from 1.29.1 to 1.33.0 in /src/runtime by @dependabot in #243
• build(deps): bump dependency golang.org/x/net to v0.23.0 by @Sumynwa in #261
• build(deps): bump rustix from 0.37.19 to 0.37.27 in /src/tardev-snapshotter by @dependabot in #262
• runtime: Set memory config shared=false when shared_fs=None in CLH by @Sumynwa in #265
• runtime: relax timeout for CreateVM + BootVM in CLH by @Sumynwa in #268
• agent: fix make test by @Sumynwa in #266
• reduce the memory usage for the guest image by @danmihai1 in #280
• runtime: improved memory overhead management by @danmihai1 in #281
• runtime: Remove unused VMM options for mem alloc by @ms-mahuber in #283
• runtime: Allocate default workload vcpus by @ms-mahuber in #282
• policy: cherry pick state policy changes from upstream by @Redent0r in #273

Full Changelog: 3.2.0.azl3...3.2.0.azl4