snapshot: move snapshot feature to GA

Declare full snapshots as fully supported. Diff snapshots remain in
development preview status, as we wait to see how these will play with
secret hiding.

Signed-off-by: Babis Chalios <[email protected]>

Author: bchalios

CHANGELOG.md

@@ -32,6 +32,9 @@ and this project adheres to
   Clarified what CPU models are supported by each existing CPU template.
   Firecracker exits with an error if a CPU template is used on an unsupported
   CPU model.
+- [#5165](https://github.com./firecracker-microvm/firecracker/pull/5165): Changed
+  Firecracker snapshot feature from developer preview to generally available.
+  Incremental snapshots remain in developer preview.
 
 ### Deprecated
 

docs/snapshotting/snapshot-support.md

@@ -39,12 +39,13 @@ workload at that particular point in time.
 
 ### Supported platforms
 
-> [!WARNING]
->
-> The Firecracker snapshot feature is in
-> [developer preview](../RELEASE_POLICY.md) on all CPU micro-architectures
-> listed in [README](../../README.md#supported-platforms). See
-> [this section](#developer-preview-status) for more info.
+The Firecracker snapshot feature is supported on all CPU micro-architectures
+listed in [README](../../README.md#supported-platforms).
+
+[!WARNING]
+
+Diff snapshot support is in developer preview. See
+[this section](#developer-preview-status) for more info.
 
 ### Overview
 
@@ -116,13 +117,8 @@ all [supported platforms](../../README.md#tested-platforms).
 
 ### Developer preview status
 
-The snapshot functionality is still in developer preview due to the following:
-
-- Poor entropy and replayable randomness when resuming multiple microvms from
-  the same snapshot. We do not recommend to use snapshotting in production if
-  there is no mechanism to guarantee proper secrecy and uniqueness between
-  guests. Please see
-  [Snapshot security and uniqueness](#snapshot-security-and-uniqueness).
+Diff snapshots are still in developer preview while we are diving deep into how
+the feature can be combined with guest_memfd support in Firecracker.
 
 ### Limitations
 
@@ -528,7 +524,7 @@ For more information please see [this doc](random-for-clones.md)
 
 ### Usage examples
 
-#### Example 1: secure usage (currently in dev preview)
+#### Example 1: secure usage
 
 ```console
 Boot microVM A -> ... -> Create snapshot S -> Terminate

src/vmm/src/rpc_interface.rs

@@ -557,8 +557,6 @@ impl<'a> PrebootApiController<'a> {
         &mut self,
         load_params: &LoadSnapshotParams,
     ) -> Result<VmmData, LoadSnapshotError> {
-        log_dev_preview_warning("Virtual machine snapshots", Option::None);
-
         let load_start_us = get_time_us(ClockType::Monotonic);
 
         if self.boot_path {
@@ -592,15 +590,9 @@ impl<'a> PrebootApiController<'a> {
         // Set the VM
         self.built_vmm = Some(vmm);
 
-        log_dev_preview_warning(
-            "Virtual machine snapshots",
-            Some(format!(
-                "'load snapshot' VMM action took {} us.",
-                update_metric_with_elapsed_time(
-                    &METRICS.latencies_us.vmm_load_snapshot,
-                    load_start_us
-                )
-            )),
+        debug!(
+            "'load snapshot' VMM action took {} us.",
+            update_metric_with_elapsed_time(&METRICS.latencies_us.vmm_load_snapshot, load_start_us)
         );
 
         Ok(VmmData::Empty)
@@ -753,15 +745,15 @@ impl RuntimeApiController {
         &mut self,
         create_params: &CreateSnapshotParams,
     ) -> Result<VmmData, VmmActionError> {
-        log_dev_preview_warning("Virtual machine snapshots", None);
-
-        if create_params.snapshot_type == SnapshotType::Diff
-            && !self.vm_resources.machine_config.track_dirty_pages
-        {
-            return Err(VmmActionError::NotSupported(
-                "Diff snapshots are not allowed on uVMs with dirty page tracking disabled."
-                    .to_string(),
-            ));
+        if create_params.snapshot_type == SnapshotType::Diff {
+            log_dev_preview_warning("Virtual machine diff snapshots", None);
+
+            if !self.vm_resources.machine_config.track_dirty_pages {
+                return Err(VmmActionError::NotSupported(
+                    "Diff snapshots are not allowed on uVMs with dirty page tracking disabled."
+                        .to_string(),
+                ));
+            }
         }
 
         let mut locked_vmm = self.vmm.lock().unwrap();