2019-05-09 05:01:48 +00:00
|
|
|
// Copyright 2017 The Chromium OS Authors. All rights reserved.
|
|
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
|
|
// found in the LICENSE file.
|
|
|
|
|
2019-12-31 10:49:11 +00:00
|
|
|
use super::Error as DeviceError;
|
|
|
|
use super::{
|
2021-10-21 10:41:16 +00:00
|
|
|
ActivateError, ActivateResult, EpollHelper, EpollHelperError, EpollHelperHandler, VirtioCommon,
|
|
|
|
VirtioDevice, VirtioDeviceType, EPOLL_HELPER_EVENT_LAST, VIRTIO_F_IOMMU_PLATFORM,
|
2020-08-04 11:16:44 +00:00
|
|
|
VIRTIO_F_VERSION_1,
|
2019-12-31 10:49:11 +00:00
|
|
|
};
|
2021-09-03 10:43:30 +00:00
|
|
|
use crate::seccomp_filters::Thread;
|
|
|
|
use crate::thread_helper::spawn_virtio_thread;
|
2021-06-02 19:08:04 +00:00
|
|
|
use crate::GuestMemoryMmap;
|
2019-12-31 10:49:11 +00:00
|
|
|
use crate::{VirtioInterrupt, VirtioInterruptType};
|
2022-08-12 01:30:13 +00:00
|
|
|
use anyhow::anyhow;
|
2021-09-03 10:43:30 +00:00
|
|
|
use seccompiler::SeccompAction;
|
2019-05-09 05:01:48 +00:00
|
|
|
use std::fs::File;
|
|
|
|
use std::io;
|
2020-08-04 11:16:44 +00:00
|
|
|
use std::os::unix::io::AsRawFd;
|
2019-05-09 05:01:48 +00:00
|
|
|
use std::result;
|
2020-09-04 08:37:37 +00:00
|
|
|
use std::sync::atomic::AtomicBool;
|
2020-08-11 14:05:06 +00:00
|
|
|
use std::sync::{Arc, Barrier};
|
2022-09-15 22:49:23 +00:00
|
|
|
use thiserror::Error;
|
2021-05-06 13:34:31 +00:00
|
|
|
use versionize::{VersionMap, Versionize, VersionizeResult};
|
|
|
|
use versionize_derive::Versionize;
|
2022-07-08 12:30:50 +00:00
|
|
|
use virtio_queue::{Queue, QueueT};
|
2022-07-06 14:08:08 +00:00
|
|
|
use vm_memory::{Bytes, GuestAddressSpace, GuestMemoryAtomic};
|
2021-05-06 13:34:31 +00:00
|
|
|
use vm_migration::VersionMapped;
|
2021-04-08 09:20:10 +00:00
|
|
|
use vm_migration::{Migratable, MigratableError, Pausable, Snapshot, Snapshottable, Transportable};
|
2022-01-26 22:44:31 +00:00
|
|
|
use vm_virtio::{AccessPlatform, Translatable};
|
2019-08-02 14:23:52 +00:00
|
|
|
use vmm_sys_util::eventfd::EventFd;
|
2019-05-09 05:01:48 +00:00
|
|
|
|
|
|
|
const QUEUE_SIZE: u16 = 256;
|
|
|
|
const QUEUE_SIZES: &[u16] = &[QUEUE_SIZE];
|
|
|
|
|
|
|
|
// New descriptors are pending on the virtio queue.
|
2020-08-04 11:16:44 +00:00
|
|
|
const QUEUE_AVAIL_EVENT: u16 = EPOLL_HELPER_EVENT_LAST + 1;
|
2019-05-09 05:01:48 +00:00
|
|
|
|
2022-09-15 22:49:23 +00:00
|
|
|
#[derive(Error, Debug)]
|
|
|
|
enum Error {
|
|
|
|
#[error("Descriptor chain too short")]
|
|
|
|
DescriptorChainTooShort,
|
2022-09-27 17:21:15 +00:00
|
|
|
#[error("Invalid descriptor")]
|
|
|
|
InvalidDescriptor,
|
2022-10-04 11:16:17 +00:00
|
|
|
#[error("Failed to write to guest memory: {0}")]
|
|
|
|
GuestMemoryWrite(vm_memory::guest_memory::Error),
|
2022-09-15 22:49:23 +00:00
|
|
|
#[error("Failed adding used index: {0}")]
|
|
|
|
QueueAddUsed(virtio_queue::Error),
|
|
|
|
}
|
|
|
|
|
2019-05-09 05:01:48 +00:00
|
|
|
struct RngEpollHandler {
|
2022-07-06 14:08:08 +00:00
|
|
|
mem: GuestMemoryAtomic<GuestMemoryMmap>,
|
|
|
|
queue: Queue,
|
2019-05-09 05:01:48 +00:00
|
|
|
random_file: File,
|
2020-01-13 17:52:19 +00:00
|
|
|
interrupt_cb: Arc<dyn VirtioInterrupt>,
|
2019-05-09 05:01:48 +00:00
|
|
|
queue_evt: EventFd,
|
|
|
|
kill_evt: EventFd,
|
2019-11-19 00:42:31 +00:00
|
|
|
pause_evt: EventFd,
|
2022-01-26 16:14:06 +00:00
|
|
|
access_platform: Option<Arc<dyn AccessPlatform>>,
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
impl RngEpollHandler {
|
2022-09-15 22:49:23 +00:00
|
|
|
fn process_queue(&mut self) -> result::Result<bool, Error> {
|
2022-07-20 14:45:49 +00:00
|
|
|
let queue = &mut self.queue;
|
2019-05-09 05:01:48 +00:00
|
|
|
|
2022-07-25 12:26:17 +00:00
|
|
|
let mut used_descs = false;
|
2022-07-08 12:30:50 +00:00
|
|
|
while let Some(mut desc_chain) = queue.pop_descriptor_chain(self.mem.memory()) {
|
2022-09-15 22:49:23 +00:00
|
|
|
let desc = desc_chain.next().ok_or(Error::DescriptorChainTooShort)?;
|
2019-05-09 05:01:48 +00:00
|
|
|
|
2022-09-27 17:21:15 +00:00
|
|
|
// The descriptor must be write-only and non-zero length
|
|
|
|
if !(desc.is_write_only() && desc.len() > 0) {
|
|
|
|
return Err(Error::InvalidDescriptor);
|
|
|
|
}
|
|
|
|
|
|
|
|
// Fill the read with data from the random device on the host.
|
|
|
|
let len = desc_chain
|
|
|
|
.memory()
|
|
|
|
.read_from(
|
2022-08-18 12:03:58 +00:00
|
|
|
desc.addr()
|
|
|
|
.translate_gva(self.access_platform.as_ref(), desc.len() as usize),
|
|
|
|
&mut self.random_file,
|
|
|
|
desc.len() as usize,
|
2022-09-27 17:21:15 +00:00
|
|
|
)
|
2022-10-04 11:16:17 +00:00
|
|
|
.map_err(Error::GuestMemoryWrite)?;
|
2019-05-09 05:01:48 +00:00
|
|
|
|
2022-07-25 12:26:17 +00:00
|
|
|
queue
|
2022-09-27 17:21:15 +00:00
|
|
|
.add_used(desc_chain.memory(), desc_chain.head_index(), len as u32)
|
2022-09-15 22:49:23 +00:00
|
|
|
.map_err(Error::QueueAddUsed)?;
|
2022-07-25 12:26:17 +00:00
|
|
|
used_descs = true;
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
|
2022-09-15 22:49:23 +00:00
|
|
|
Ok(used_descs)
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
fn signal_used_queue(&self) -> result::Result<(), DeviceError> {
|
2020-01-13 17:52:19 +00:00
|
|
|
self.interrupt_cb
|
2022-01-24 14:30:42 +00:00
|
|
|
.trigger(VirtioInterruptType::Queue(0))
|
2020-01-13 17:52:19 +00:00
|
|
|
.map_err(|e| {
|
|
|
|
error!("Failed to signal used queue: {:?}", e);
|
|
|
|
DeviceError::FailedSignalingUsedQueue(e)
|
|
|
|
})
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
|
2020-08-11 14:05:06 +00:00
|
|
|
fn run(
|
|
|
|
&mut self,
|
|
|
|
paused: Arc<AtomicBool>,
|
|
|
|
paused_sync: Arc<Barrier>,
|
|
|
|
) -> result::Result<(), EpollHelperError> {
|
2020-08-04 11:16:44 +00:00
|
|
|
let mut helper = EpollHelper::new(&self.kill_evt, &self.pause_evt)?;
|
|
|
|
helper.add_event(self.queue_evt.as_raw_fd(), QUEUE_AVAIL_EVENT)?;
|
2020-08-11 14:05:06 +00:00
|
|
|
helper.run(paused, paused_sync, self)?;
|
2019-05-09 05:01:48 +00:00
|
|
|
|
2020-08-04 11:16:44 +00:00
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
}
|
2020-06-25 08:08:05 +00:00
|
|
|
|
2020-08-04 11:16:44 +00:00
|
|
|
impl EpollHelperHandler for RngEpollHandler {
|
2022-08-12 01:30:13 +00:00
|
|
|
fn handle_event(
|
|
|
|
&mut self,
|
|
|
|
_helper: &mut EpollHelper,
|
|
|
|
event: &epoll::Event,
|
|
|
|
) -> result::Result<(), EpollHelperError> {
|
2020-08-11 17:12:02 +00:00
|
|
|
let ev_type = event.data as u16;
|
|
|
|
match ev_type {
|
2020-08-04 11:16:44 +00:00
|
|
|
QUEUE_AVAIL_EVENT => {
|
2022-08-12 01:30:13 +00:00
|
|
|
self.queue_evt.read().map_err(|e| {
|
|
|
|
EpollHelperError::HandleEvent(anyhow!("Failed to get queue event: {:?}", e))
|
|
|
|
})?;
|
2022-09-15 22:49:23 +00:00
|
|
|
let needs_notification = self.process_queue().map_err(|e| {
|
|
|
|
EpollHelperError::HandleEvent(anyhow!("Failed to process queue : {:?}", e))
|
|
|
|
})?;
|
|
|
|
if needs_notification {
|
2022-08-12 01:30:13 +00:00
|
|
|
self.signal_used_queue().map_err(|e| {
|
|
|
|
EpollHelperError::HandleEvent(anyhow!(
|
|
|
|
"Failed to signal used queue: {:?}",
|
|
|
|
e
|
|
|
|
))
|
|
|
|
})?;
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
}
|
2020-08-04 11:16:44 +00:00
|
|
|
_ => {
|
2022-08-12 01:30:13 +00:00
|
|
|
return Err(EpollHelperError::HandleEvent(anyhow!(
|
|
|
|
"Unexpected event: {}",
|
|
|
|
ev_type
|
|
|
|
)));
|
2020-08-04 11:16:44 +00:00
|
|
|
}
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
2022-08-12 01:30:13 +00:00
|
|
|
Ok(())
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Virtio device for exposing entropy to the guest OS through virtio.
|
|
|
|
pub struct Rng {
|
2020-09-03 09:37:36 +00:00
|
|
|
common: VirtioCommon,
|
2020-04-27 09:39:41 +00:00
|
|
|
id: String,
|
2019-05-09 05:01:48 +00:00
|
|
|
random_file: Option<File>,
|
2020-08-04 17:46:49 +00:00
|
|
|
seccomp_action: SeccompAction,
|
2021-09-07 15:10:48 +00:00
|
|
|
exit_evt: EventFd,
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
|
2021-05-11 14:02:43 +00:00
|
|
|
#[derive(Versionize)]
|
2020-04-08 07:19:04 +00:00
|
|
|
pub struct RngState {
|
|
|
|
pub avail_features: u64,
|
|
|
|
pub acked_features: u64,
|
|
|
|
}
|
|
|
|
|
2021-05-06 13:34:31 +00:00
|
|
|
impl VersionMapped for RngState {}
|
|
|
|
|
2019-05-09 05:01:48 +00:00
|
|
|
impl Rng {
|
|
|
|
/// Create a new virtio rng device that gets random data from /dev/urandom.
|
2020-08-04 17:46:49 +00:00
|
|
|
pub fn new(
|
|
|
|
id: String,
|
|
|
|
path: &str,
|
|
|
|
iommu: bool,
|
|
|
|
seccomp_action: SeccompAction,
|
2021-09-07 15:10:48 +00:00
|
|
|
exit_evt: EventFd,
|
2022-10-18 15:14:43 +00:00
|
|
|
state: Option<RngState>,
|
2020-08-04 17:46:49 +00:00
|
|
|
) -> io::Result<Rng> {
|
2019-05-09 05:01:48 +00:00
|
|
|
let random_file = File::open(path)?;
|
2019-10-04 17:39:42 +00:00
|
|
|
|
2022-11-30 16:10:04 +00:00
|
|
|
let (avail_features, acked_features, paused) = if let Some(state) = state {
|
2022-10-18 15:14:43 +00:00
|
|
|
info!("Restoring virtio-rng {}", id);
|
2022-11-30 16:10:04 +00:00
|
|
|
(state.avail_features, state.acked_features, true)
|
2022-10-18 15:14:43 +00:00
|
|
|
} else {
|
|
|
|
let mut avail_features = 1u64 << VIRTIO_F_VERSION_1;
|
|
|
|
|
|
|
|
if iommu {
|
|
|
|
avail_features |= 1u64 << VIRTIO_F_IOMMU_PLATFORM;
|
|
|
|
}
|
|
|
|
|
2022-11-30 16:10:04 +00:00
|
|
|
(avail_features, 0, false)
|
2022-10-18 15:14:43 +00:00
|
|
|
};
|
2019-05-09 05:01:48 +00:00
|
|
|
|
|
|
|
Ok(Rng {
|
2020-09-03 09:37:36 +00:00
|
|
|
common: VirtioCommon {
|
2021-03-25 16:54:09 +00:00
|
|
|
device_type: VirtioDeviceType::Rng as u32,
|
2020-09-04 08:37:37 +00:00
|
|
|
queue_sizes: QUEUE_SIZES.to_vec(),
|
|
|
|
paused_sync: Some(Arc::new(Barrier::new(2))),
|
2020-09-03 09:37:36 +00:00
|
|
|
avail_features,
|
2022-10-18 15:14:43 +00:00
|
|
|
acked_features,
|
2021-01-19 06:11:07 +00:00
|
|
|
min_queues: 1,
|
2022-11-30 16:10:04 +00:00
|
|
|
paused: Arc::new(AtomicBool::new(paused)),
|
2020-09-03 15:56:32 +00:00
|
|
|
..Default::default()
|
2020-09-03 09:37:36 +00:00
|
|
|
},
|
2020-04-27 09:39:41 +00:00
|
|
|
id,
|
2019-05-09 05:01:48 +00:00
|
|
|
random_file: Some(random_file),
|
2020-08-04 17:46:49 +00:00
|
|
|
seccomp_action,
|
2021-09-07 15:10:48 +00:00
|
|
|
exit_evt,
|
2019-05-09 05:01:48 +00:00
|
|
|
})
|
|
|
|
}
|
2020-04-08 07:19:04 +00:00
|
|
|
|
|
|
|
fn state(&self) -> RngState {
|
|
|
|
RngState {
|
2020-09-03 09:37:36 +00:00
|
|
|
avail_features: self.common.avail_features,
|
|
|
|
acked_features: self.common.acked_features,
|
2020-04-08 07:19:04 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-09-22 08:13:15 +00:00
|
|
|
#[cfg(fuzzing)]
|
|
|
|
pub fn wait_for_epoll_threads(&mut self) {
|
|
|
|
self.common.wait_for_epoll_threads();
|
|
|
|
}
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
impl Drop for Rng {
|
|
|
|
fn drop(&mut self) {
|
2020-09-04 08:37:37 +00:00
|
|
|
if let Some(kill_evt) = self.common.kill_evt.take() {
|
2019-05-09 05:01:48 +00:00
|
|
|
// Ignore the result because there is nothing we can do about it.
|
|
|
|
let _ = kill_evt.write(1);
|
|
|
|
}
|
2023-01-12 09:07:55 +00:00
|
|
|
self.common.wait_for_epoll_threads();
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
impl VirtioDevice for Rng {
|
|
|
|
fn device_type(&self) -> u32 {
|
2020-09-04 08:37:37 +00:00
|
|
|
self.common.device_type
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
fn queue_max_sizes(&self) -> &[u16] {
|
2020-09-04 08:37:37 +00:00
|
|
|
&self.common.queue_sizes
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
|
2020-01-23 10:14:38 +00:00
|
|
|
fn features(&self) -> u64 {
|
2020-09-03 09:37:36 +00:00
|
|
|
self.common.avail_features
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
|
2020-01-23 10:14:38 +00:00
|
|
|
fn ack_features(&mut self, value: u64) {
|
2020-09-03 09:37:36 +00:00
|
|
|
self.common.ack_features(value)
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
fn activate(
|
|
|
|
&mut self,
|
2022-07-06 14:08:08 +00:00
|
|
|
mem: GuestMemoryAtomic<GuestMemoryMmap>,
|
2020-01-13 17:52:19 +00:00
|
|
|
interrupt_cb: Arc<dyn VirtioInterrupt>,
|
2022-07-06 14:08:08 +00:00
|
|
|
mut queues: Vec<(usize, Queue, EventFd)>,
|
2019-05-09 05:01:48 +00:00
|
|
|
) -> ActivateResult {
|
2022-07-20 14:45:49 +00:00
|
|
|
self.common.activate(&queues, &interrupt_cb)?;
|
2021-06-02 18:08:06 +00:00
|
|
|
let (kill_evt, pause_evt) = self.common.dup_eventfds();
|
2019-10-03 23:51:21 +00:00
|
|
|
|
|
|
|
if let Some(file) = self.random_file.as_ref() {
|
|
|
|
let random_file = file.try_clone().map_err(|e| {
|
|
|
|
error!("failed cloning rng source: {}", e);
|
|
|
|
ActivateError::BadActivate
|
|
|
|
})?;
|
2022-07-20 14:45:49 +00:00
|
|
|
|
|
|
|
let (_, queue, queue_evt) = queues.remove(0);
|
|
|
|
|
2019-05-09 05:01:48 +00:00
|
|
|
let mut handler = RngEpollHandler {
|
2022-07-06 14:08:08 +00:00
|
|
|
mem,
|
2022-07-20 14:45:49 +00:00
|
|
|
queue,
|
2019-05-09 05:01:48 +00:00
|
|
|
random_file,
|
2019-06-03 20:57:26 +00:00
|
|
|
interrupt_cb,
|
2022-07-20 14:45:49 +00:00
|
|
|
queue_evt,
|
2019-05-09 05:01:48 +00:00
|
|
|
kill_evt,
|
2019-11-19 00:42:31 +00:00
|
|
|
pause_evt,
|
2022-01-26 16:14:06 +00:00
|
|
|
access_platform: self.common.access_platform.clone(),
|
2019-05-09 05:01:48 +00:00
|
|
|
};
|
|
|
|
|
2020-09-04 08:37:37 +00:00
|
|
|
let paused = self.common.paused.clone();
|
|
|
|
let paused_sync = self.common.paused_sync.clone();
|
2020-01-27 12:56:05 +00:00
|
|
|
let mut epoll_threads = Vec::new();
|
2021-09-03 10:43:30 +00:00
|
|
|
spawn_virtio_thread(
|
|
|
|
&self.id,
|
|
|
|
&self.seccomp_action,
|
|
|
|
Thread::VirtioRng,
|
|
|
|
&mut epoll_threads,
|
2021-09-07 15:10:48 +00:00
|
|
|
&self.exit_evt,
|
2022-08-12 00:16:27 +00:00
|
|
|
move || handler.run(paused, paused_sync.unwrap()),
|
2021-09-03 10:43:30 +00:00
|
|
|
)?;
|
2019-05-09 05:01:48 +00:00
|
|
|
|
2020-09-04 08:37:37 +00:00
|
|
|
self.common.epoll_threads = Some(epoll_threads);
|
2020-01-27 12:56:05 +00:00
|
|
|
|
2021-02-18 15:10:51 +00:00
|
|
|
event!("virtio-device", "activated", "id", &self.id);
|
2019-05-09 05:01:48 +00:00
|
|
|
return Ok(());
|
|
|
|
}
|
|
|
|
Err(ActivateError::BadActivate)
|
|
|
|
}
|
2019-10-03 23:51:21 +00:00
|
|
|
|
2021-01-18 12:38:08 +00:00
|
|
|
fn reset(&mut self) -> Option<Arc<dyn VirtioInterrupt>> {
|
2021-02-18 15:10:51 +00:00
|
|
|
let result = self.common.reset();
|
|
|
|
event!("virtio-device", "reset", "id", &self.id);
|
|
|
|
result
|
2020-09-04 08:37:37 +00:00
|
|
|
}
|
2022-01-26 16:14:06 +00:00
|
|
|
|
|
|
|
fn set_access_platform(&mut self, access_platform: Arc<dyn AccessPlatform>) {
|
|
|
|
self.common.set_access_platform(access_platform)
|
|
|
|
}
|
2020-09-04 08:37:37 +00:00
|
|
|
}
|
2019-11-19 00:42:31 +00:00
|
|
|
|
2020-09-04 08:37:37 +00:00
|
|
|
impl Pausable for Rng {
|
|
|
|
fn pause(&mut self) -> result::Result<(), MigratableError> {
|
|
|
|
self.common.pause()
|
|
|
|
}
|
2019-10-03 23:51:21 +00:00
|
|
|
|
2020-09-04 08:37:37 +00:00
|
|
|
fn resume(&mut self) -> result::Result<(), MigratableError> {
|
|
|
|
self.common.resume()
|
2019-10-03 23:51:21 +00:00
|
|
|
}
|
2019-05-09 05:01:48 +00:00
|
|
|
}
|
2019-11-19 00:42:31 +00:00
|
|
|
|
2020-04-08 07:19:04 +00:00
|
|
|
impl Snapshottable for Rng {
|
|
|
|
fn id(&self) -> String {
|
2020-04-27 09:39:41 +00:00
|
|
|
self.id.clone()
|
2020-04-08 07:19:04 +00:00
|
|
|
}
|
|
|
|
|
2020-08-21 12:31:58 +00:00
|
|
|
fn snapshot(&mut self) -> std::result::Result<Snapshot, MigratableError> {
|
2022-12-02 14:31:53 +00:00
|
|
|
Snapshot::new_from_versioned_state(&self.state())
|
2020-04-08 07:19:04 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-05-01 16:59:51 +00:00
|
|
|
impl Transportable for Rng {}
|
2019-11-19 00:42:31 +00:00
|
|
|
impl Migratable for Rng {}
|