mirror of
https://github.com/cloud-hypervisor/cloud-hypervisor.git
synced 2024-10-02 11:35:46 +00:00
vmm: Refactor VM creation workflow
This refactoring is required to add support for creating SEV-SNP enabled VM. Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
parent
5fd79571b7
commit
200cba0e20
1
Cargo.lock
generated
1
Cargo.lock
generated
@ -2340,6 +2340,7 @@ dependencies = [
|
|||||||
"bitflags 2.3.3",
|
"bitflags 2.3.3",
|
||||||
"block",
|
"block",
|
||||||
"blocking",
|
"blocking",
|
||||||
|
"cfg-if",
|
||||||
"devices",
|
"devices",
|
||||||
"epoll",
|
"epoll",
|
||||||
"event_monitor",
|
"event_monitor",
|
||||||
|
@ -84,6 +84,11 @@ pub enum HypervisorError {
|
|||||||
///
|
///
|
||||||
#[error("Unsupported CPU:{0}")]
|
#[error("Unsupported CPU:{0}")]
|
||||||
UnsupportedCpu(#[source] anyhow::Error),
|
UnsupportedCpu(#[source] anyhow::Error),
|
||||||
|
///
|
||||||
|
/// Launching a VM with unsupported VM Type
|
||||||
|
///
|
||||||
|
#[error("Unsupported VmType")]
|
||||||
|
UnsupportedVmType(),
|
||||||
}
|
}
|
||||||
|
|
||||||
///
|
///
|
||||||
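Review bot: `UnsupportedVmType()` discards the value that was rejected, so the message "Unsupported VmType" does not say which type the caller asked for. Carrying it, as `UnsupportedVmType(u64)` with `#[error("Unsupported VmType: {0}")]`, would make a failed launch of an isolated VM diagnosable from the log alone. The construction site in the MSHV backend would then pass `vm_type` through. The enum begins outside this hunk.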
|
@ -14,7 +14,7 @@ use crate::vec_with_array_field;
|
|||||||
use crate::vm::{self, InterruptSourceConfig, VmOps};
|
use crate::vm::{self, InterruptSourceConfig, VmOps};
|
||||||
use crate::HypervisorType;
|
use crate::HypervisorType;
|
||||||
pub use mshv_bindings::*;
|
pub use mshv_bindings::*;
|
||||||
use mshv_ioctls::{set_registers_64, Mshv, NoDatamatch, VcpuFd, VmFd};
|
use mshv_ioctls::{set_registers_64, Mshv, NoDatamatch, VcpuFd, VmFd, VmType};
|
||||||
use std::any::Any;
|
use std::any::Any;
|
||||||
use std::collections::HashMap;
|
use std::collections::HashMap;
|
||||||
use std::sync::{Arc, RwLock};
|
use std::sync::{Arc, RwLock};
|
||||||
@ -210,21 +210,15 @@ impl hypervisor::Hypervisor for MshvHypervisor {
|
|||||||
fn hypervisor_type(&self) -> HypervisorType {
|
fn hypervisor_type(&self) -> HypervisorType {
|
||||||
HypervisorType::Mshv
|
HypervisorType::Mshv
|
||||||
}
|
}
|
||||||
/// Create a mshv vm object and return the object as Vm trait object
|
|
||||||
///
|
fn create_vm_with_type(&self, vm_type: u64) -> hypervisor::Result<Arc<dyn crate::Vm>> {
|
||||||
/// # Examples
|
let mshv_vm_type: VmType = match VmType::try_from(vm_type) {
|
||||||
///
|
Ok(vm_type) => vm_type,
|
||||||
/// ```
|
Err(_) => return Err(hypervisor::HypervisorError::UnsupportedVmType()),
|
||||||
/// # extern crate hypervisor;
|
};
|
||||||
/// # use hypervisor::mshv::MshvHypervisor;
|
|
||||||
/// use hypervisor::mshv::MshvVm;
|
|
||||||
/// let hypervisor = MshvHypervisor::new().unwrap();
|
|
||||||
/// let vm = hypervisor.create_vm().unwrap();
|
|
||||||
/// ```
|
|
||||||
fn create_vm(&self) -> hypervisor::Result<Arc<dyn vm::Vm>> {
|
|
||||||
let fd: VmFd;
|
let fd: VmFd;
|
||||||
loop {
|
loop {
|
||||||
match self.mshv.create_vm() {
|
match self.mshv.create_vm_with_type(mshv_vm_type) {
|
||||||
Ok(res) => fd = res,
|
Ok(res) => fd = res,
|
||||||
Err(e) => {
|
Err(e) => {
|
||||||
if e.errno() == libc::EINTR {
|
if e.errno() == libc::EINTR {
|
||||||
@ -271,6 +265,22 @@ impl hypervisor::Hypervisor for MshvHypervisor {
|
|||||||
dirty_log_slots: Arc::new(RwLock::new(HashMap::new())),
|
dirty_log_slots: Arc::new(RwLock::new(HashMap::new())),
|
||||||
}))
|
}))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Create a mshv vm object and return the object as Vm trait object
|
||||||
|
///
|
||||||
|
/// # Examples
|
||||||
|
///
|
||||||
|
/// ```
|
||||||
|
/// # extern crate hypervisor;
|
||||||
|
/// # use hypervisor::mshv::MshvHypervisor;
|
||||||
|
/// use hypervisor::mshv::MshvVm;
|
||||||
|
/// let hypervisor = MshvHypervisor::new().unwrap();
|
||||||
|
/// let vm = hypervisor.create_vm().unwrap();
|
||||||
|
/// ```
|
||||||
|
fn create_vm(&self) -> hypervisor::Result<Arc<dyn vm::Vm>> {
|
||||||
|
let vm_type = 0;
|
||||||
|
self.create_vm_with_type(vm_type)
|
||||||
|
}
|
||||||
///
|
///
|
||||||
/// Get the supported CpuID
|
/// Get the supported CpuID
|
||||||
///
|
///
|
||||||
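Review bot: `create_vm_with_type` ends up undocumented, because the doc comment that used to sit above this body moved to the new `create_vm` wrapper. I would add a doc comment saying that `vm_type` is converted with `VmType::try_from` and that any value it rejects yields `HypervisorError::UnsupportedVmType`, e.g. `/// Create a mshv VM of the given type; returns UnsupportedVmType if vm_type is not a valid mshv VmType`. In `create_vm`, `let vm_type = 0;` is a magic number. A comment naming the `VmType` that 0 converts to, or building the value from that variant, would keep the default from drifting if the numbering ever changes. The `impl` block starts and ends outside these hunks.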
|
@ -23,6 +23,7 @@ arch = { path = "../arch" }
|
|||||||
bitflags = "2.3.3"
|
bitflags = "2.3.3"
|
||||||
block = { path = "../block" }
|
block = { path = "../block" }
|
||||||
blocking = { version = "1.3.0", optional = true }
|
blocking = { version = "1.3.0", optional = true }
|
||||||
|
cfg-if = "1.0.0"
|
||||||
devices = { path = "../devices" }
|
devices = { path = "../devices" }
|
||||||
epoll = "4.3.3"
|
epoll = "4.3.3"
|
||||||
event_monitor = { path = "../event_monitor" }
|
event_monitor = { path = "../event_monitor" }
|
||||||
|
@ -1312,6 +1312,8 @@ impl Vmm {
|
|||||||
&self.hypervisor,
|
&self.hypervisor,
|
||||||
#[cfg(feature = "tdx")]
|
#[cfg(feature = "tdx")]
|
||||||
false,
|
false,
|
||||||
|
#[cfg(feature = "sev_snp")]
|
||||||
|
false,
|
||||||
)
|
)
|
||||||
.map_err(|e| {
|
.map_err(|e| {
|
||||||
MigratableError::MigrateReceive(anyhow!(
|
MigratableError::MigrateReceive(anyhow!(
|
||||||
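Review bot: The two bare `false` arguments on the migration receive path are told apart only by their `#[cfg]` attributes, and nothing says why SEV-SNP is forced off here. A short comment such as `// SEV-SNP is not enabled for VMs created on the migration receive path` (assuming that is the intent) would help. If a migration from an SEV-SNP source can reach this call, it should probably be rejected explicitly rather than silently producing a non-isolated VM. The call and its enclosing function begin and end outside this hunk.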
|
@ -759,10 +759,19 @@ impl Vm {
|
|||||||
vm_config.lock().unwrap().is_tdx_enabled()
|
vm_config.lock().unwrap().is_tdx_enabled()
|
||||||
};
|
};
|
||||||
|
|
||||||
|
#[cfg(feature = "sev_snp")]
|
||||||
|
let sev_snp_enabled = if snapshot.is_some() {
|
||||||
|
false
|
||||||
|
} else {
|
||||||
|
vm_config.lock().unwrap().is_sev_snp_enabled()
|
||||||
|
};
|
||||||
|
|
||||||
let vm = Self::create_hypervisor_vm(
|
let vm = Self::create_hypervisor_vm(
|
||||||
&hypervisor,
|
&hypervisor,
|
||||||
#[cfg(feature = "tdx")]
|
#[cfg(feature = "tdx")]
|
||||||
tdx_enabled,
|
tdx_enabled,
|
||||||
|
#[cfg(feature = "sev_snp")]
|
||||||
|
sev_snp_enabled,
|
||||||
)?;
|
)?;
|
||||||
|
|
||||||
let phys_bits = physical_bits(&hypervisor, vm_config.lock().unwrap().cpus.max_phys_bits);
|
let phys_bits = physical_bits(&hypervisor, vm_config.lock().unwrap().cpus.max_phys_bits);
|
||||||
@ -821,17 +830,31 @@ impl Vm {
|
|||||||
pub fn create_hypervisor_vm(
|
pub fn create_hypervisor_vm(
|
||||||
hypervisor: &Arc<dyn hypervisor::Hypervisor>,
|
hypervisor: &Arc<dyn hypervisor::Hypervisor>,
|
||||||
#[cfg(feature = "tdx")] tdx_enabled: bool,
|
#[cfg(feature = "tdx")] tdx_enabled: bool,
|
||||||
|
#[cfg(feature = "sev_snp")] sev_snp_enabled: bool,
|
||||||
) -> Result<Arc<dyn hypervisor::Vm>> {
|
) -> Result<Arc<dyn hypervisor::Vm>> {
|
||||||
hypervisor.check_required_extensions().unwrap();
|
hypervisor.check_required_extensions().unwrap();
|
||||||
|
|
||||||
// 0 for KVM_X86_LEGACY_VM
|
cfg_if::cfg_if! {
|
||||||
// 1 for KVM_X86_TDX_VM
|
if #[cfg(feature = "tdx")] {
|
||||||
#[cfg(feature = "tdx")]
|
let vm = hypervisor
|
||||||
let vm = hypervisor
|
.create_vm_with_type(if tdx_enabled {
|
||||||
.create_vm_with_type(u64::from(tdx_enabled))
|
1 // KVM_X86_TDX_VM
|
||||||
.unwrap();
|
} else {
|
||||||
#[cfg(not(feature = "tdx"))]
|
0 // KVM_X86_LEGACY_VM
|
||||||
let vm = hypervisor.create_vm().unwrap();
|
})
|
||||||
|
.unwrap();
|
||||||
|
} else if #[cfg(feature = "sev_snp")] {
|
||||||
|
let vm = hypervisor
|
||||||
|
.create_vm_with_type(if sev_snp_enabled {
|
||||||
|
1 // SEV_SNP_ENABLED
|
||||||
|
} else {
|
||||||
|
0 // SEV_SNP_DISABLED
|
||||||
|
})
|
||||||
|
.unwrap();
|
||||||
|
} else {
|
||||||
|
let vm = hypervisor.create_vm().unwrap();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[cfg(target_arch = "x86_64")]
|
#[cfg(target_arch = "x86_64")]
|
||||||
{
|
{
|
||||||
|
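Review bot: In `create_hypervisor_vm` the `cfg_if!` chain lets `tdx` shadow `sev_snp`: in a build with both features the second branch is never compiled, `sev_snp_enabled` is ignored, and a guest configured for SEV-SNP would be created with type 0 or the TDX type without any error. The two branches also reuse the bare value 1 for different meanings (`KVM_X86_TDX_VM` versus SEV-SNP enabled), so I would reject the combination at build time, e.g. `#[cfg(all(feature = "tdx", feature = "sev_snp"))] compile_error!("tdx and sev_snp cannot be enabled together");`, or handle both flags in one branch. Separately, `.unwrap()` on `create_vm_with_type` turns the new `UnsupportedVmType` error into a panic even though this function returns `Result`; propagating it through the module's error type would let callers report the failed launch. The function body continues past the end of this section.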