6438 Commits

Author SHA1 Message Date
Kaihang Zhang
12abe2dd2b openapi: Make 'vcpu' and 'host_cpus' required in CpuAffinity
Signed-off-by: Kaihang Zhang <kaihang.zhang@smartx.com>
2023-04-18 16:40:57 -07:00
Rob Bradford
39a81c596f arch, hypervisor: Populate CPUID leaf 0x4000_0010 (TSC frequency)
This hypervisor leaf includes details of the TSC frequency if that is
available from KVM. This can be used to efficiently calculate time
passed when there is an invariant TSC.

TEST=Run `cpuid` in the guest and observe the frequency populated.

Fixes: #5178

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2023-04-18 16:40:57 -07:00
Bo Chen
3b0d2e796b build: Release v28.2 (bug fix release)
Signed-off-by: Bo Chen <chen.bo@intel.com>
v28.2
2023-01-25 08:44:46 -08:00
Rob Bradford
42357c01f3 .github: Don't try and create releases for created branches
Dependabot will create a branch on the repo for its updates; this
triggers the release action (because it's the same event as a tag) which
will then fail leading to dependabot PRs not being automerged. Instead
only run the release check test on PRs or tag creation.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
(cherry picked from commit f6c058da56b93faf6249a9651b16fd8a1104f9a6)
2023-01-24 06:04:01 -08:00
Rob Bradford
b7b5b9d7e6 .github: Re-order release steps to ensure binaries are available
Since we run "cargo clean" before running the aarch64 build we need to
create the release and upload the x86-64 assets before the clean.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
(cherry picked from commit 6e9172bf6f9fda6543d757150d6f0c0314400bd4)
Signed-off-by: Bo Chen <chen.bo@intel.com>
2023-01-24 06:04:01 -08:00
Rob Bradford
a63e064004 .github: Clean source tree before cross building release assets
This addresses issues with leaking symbols into the cross build.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
(cherry picked from commit 547230bb7757f8e837b90ea34c5cc79c6ebe33fd)
Signed-off-by: Bo Chen <chen.bo@intel.com>
2023-01-24 06:04:01 -08:00
Rob Bradford
62c1f39ea2 .github: Run release style builds on all PRs
Adjust the release workflow to move the conditional check on the tag
creation into the steps that create the release/upload the assets.

This allows us to ensure we're always in a releasable state.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
(cherry picked from commit ef7e177df2ffd9233eec6870ace5152217ef8d38)
Signed-off-by: Bo Chen <chen.bo@intel.com>
2023-01-24 06:04:01 -08:00
Bo Chen
460ba718d4 github,Cargo.toml: Strip release binaries using toolchain
From Rust 1.59, the cargo command is now able to strip a binary [1].
This can be enabled in Cargo.toml by adding a `strip = "true"` to
the `[profile.release]` section.

Adding such binary stripping support in Cargo.toml of the project,
also change the stripping process in the release workflow to the one
using toolchain, so that the AArch64 release binaries can also
be stripped.

Fixes: https://github.com/cloud-hypervisor/cloud-hypervisor/issues/4916

[1] https://doc.rust-lang.org/beta/cargo/reference/profiles.html#strip

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
(cherry picked from commit 1ff0191b305a91ee4c1c0bf2e5e8ac93207ca269)
Signed-off-by: Bo Chen <chen.bo@intel.com>
2023-01-24 06:04:01 -08:00
Bo Chen
c91a8e1324 misc: Automatically fix cargo clippy issues added in 1.65 (stable)
The code of the stable branch diverges from the main branch, so we
can't directly backport the corresponding commit to fix the clippy
issues.

See: commit 5e52729453cb62edbe4fb3a4aa24f8cca31e667e

Signed-off-by: Bo Chen <chen.bo@intel.com>
2023-01-19 09:12:38 -08:00
Philipp Schuster
1adfb7e9f8 virtio-devices: properly join all threads on Drop
This change is important to do a proper resource cleanup. We decided
to do this repetitive approach as VirtioCommon can't implement Drop
without major changes to the corresponding code. Also, devices such as
Net can't easily use the epoll_threads-abstraction from VirtioCommon as
it has multiple threads with different semantics.

Signed-off-by: Philipp Schuster <philipp.schuster@cyberus-technology.de>
(cherry picked from commit ad6c0ee52be40413aaa3032bc6758542ae06c2cd)
2023-01-19 09:12:38 -08:00
Muminul Islam
8dd4d42053 vmm: Ensure PIO/MMIO exits complete before pausing only for KVM
MSHV does not require to ensure MMIO/PIO exits complete
before pausing. This patch makes sure the above requirement
by checking the hypervisor type run-time.

Fixes #5037

Signed-off-by: Muminul Islam <muislam@microsoft.com>
(cherry picked from commit 4e3bc20f2ceac9ea3861b76512375cc5f295dc97)
2023-01-19 09:12:38 -08:00
Sebastien Boeuf
3834b43878 qcow: Fix number of refcount table entries
The number of entries in the refcount table was incorrectly calculated
given there was no need for dividing the number of refblock clusters.
The number of refblock clusters is the number of entries in the refcount
table.

Suggested-by: lv_mz <lv.mengzhao@zte.com.cn>
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
(cherry picked from commit 0e7d5d27611631306f2df2d9e55d0610f441e3eb)
2023-01-19 09:12:38 -08:00
Bo Chen
52605cc0e4 build: Release v28.1 (bug fix release)
Signed-off-by: Bo Chen <chen.bo@intel.com>
v28.1
2022-12-13 13:02:57 -08:00
Rob Bradford
92beda1e32 README: Use consistent path to cloud-hypervisor binary
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
(cherry picked from commit 00becda89968ef714e5dfd6e7ea9afd9fbe0a931)
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-13 15:12:40 +00:00
Bo Chen
167fef382a net_util: queue_pair: Avoid integer overflow
This integer overflow was triggered with fuzzing on the virtio-net
device. The integer overflow is from the wrong assumption that the
packets read from or written to the tap device are always larger than the
size of a virtio-net header.

Signed-off-by: Bo Chen <chen.bo@intel.com>
(cherry picked from commit 559faa272a6db63958a861fa8c333cca7b911163)
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-13 15:12:40 +00:00
Yuji Hagiwara
5126e9b26e docs: Fix a typo on the doc for tpm
swtpm accepts --tpmstate option

Signed-off-by: Yuji Hagiwara <yuuzi41@gmail.com>
(cherry picked from commit 47a7ebe43417702af90d631e89b7e840e3e9331a)
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-13 15:12:40 +00:00
Bo Chen
59bd682b1f net_util: queue_pair: Avoid panic and handle error properly
This panic was triggered with fuzzing on the virtio-net device. This
commit handles the error explicitly to avoid the panic, which also
makes the fuzzer happy (as panics are treated as bugs).

Signed-off-by: Bo Chen <chen.bo@intel.com>
(cherry picked from commit 4d9a2b17a76ad261bfe45b1656d28acb97e0d8e3)
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-13 15:12:40 +00:00
Rob Bradford
8e3b351038 arch: x86_64: Use host cpuid information for L2 cache for older KVM
If the KVM version is too old (pre Linux 5.7) then fetch the CPUID
information from the host and use that in the guest. We prefer the KVM
version over the host version as that would use the CPUID for the
running CPU vs the CPU that runs this code which might be different due
to a hybrid topology.

Fixes: #4918

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
(cherry picked from commit 7c3110e6d59340489a28b38cdecd43427a222b1b)
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-13 15:12:40 +00:00
Rob Bradford
3f8d06b47e build: Update dependencies in v28.x stable branch
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-13 14:29:22 +00:00
Rob Bradford
66460765a3 build: Release v28.0
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
v28.0
2022-11-17 15:40:14 +00:00
Rob Bradford
b748b8987d Jenkinsfile: Re-enable metrics CI
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-17 15:34:12 +00:00
Wei Liu
c9483fb080 tracer: avoid unnecessary allocations
Allocation is only required when creating a new entry in the hashmap.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2022-11-17 12:52:27 +00:00
Michael Zhao
f52cd3bb85 Revert "Jenkins: Temporarily turn off AArch64 CI"
This reverts commit 345e65c9c2cd3660b60484f668234f4a7b642ea6.
The AArch64 server maintenance is done. Now we can enable the CI again.

Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2022-11-17 15:26:27 +08:00
dependabot[bot]
57cd12fabc build: Bump remain from 0.2.4 to 0.2.5
Bumps [remain](https://github.com/dtolnay/remain) from 0.2.4 to 0.2.5.
- [Release notes](https://github.com/dtolnay/remain/releases)
- [Commits](https://github.com/dtolnay/remain/compare/0.2.4...0.2.5)

---
updated-dependencies:
- dependency-name: remain
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-16 23:48:46 +00:00
dependabot[bot]
869c649e81 build: Bump os_str_bytes from 6.3.1 to 6.4.0 in /fuzz
Bumps [os_str_bytes](https://github.com/dylni/os_str_bytes) from 6.3.1 to 6.4.0.
- [Release notes](https://github.com/dylni/os_str_bytes/releases)
- [Commits](https://github.com/dylni/os_str_bytes/compare/6.3.1...6.4.0)

---
updated-dependencies:
- dependency-name: os_str_bytes
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-16 23:24:01 +00:00
Rob Bradford
a9e30c88df README: Update version of Rust Hypervisor Firmware
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-16 08:11:22 -08:00
dependabot[bot]
1666375a31 build: Bump vfio-ioctls from bf7c9b9 to ad86d84
Bumps [vfio-ioctls](https://github.com/rust-vmm/vfio) from `bf7c9b9` to `ad86d84`.
- [Release notes](https://github.com/rust-vmm/vfio/releases)
- [Commits](bf7c9b997b...ad86d843a2)

---
updated-dependencies:
- dependency-name: vfio-ioctls
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-16 11:26:45 +00:00
dependabot[bot]
9a0be7db3a build: Bump uuid from 1.2.1 to 1.2.2 in /fuzz
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.2.1...1.2.2)

---
updated-dependencies:
- dependency-name: uuid
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-15 23:17:26 +00:00
Praveen K Paladugu
324c5deb37 docs: Add doc for using and testing tpm device
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
09e79a5e9b vmm: Add tpm device to mmio bus
Add tpm device to mmio bus if appropriate cmdline arguments were
passed.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
af261f231c vmm: Add required acpi entries for vtpm device
Add a TPM2 entry to DSDT ACPI table. Add a TPM2 table to guest's ACPI.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
7122e2989c vmm: Add tpm parameter
Add an optional --tpm parameter that takes UNIX Domain
Socket from swtpm.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
d0b253d15f devices: Add tpm device
This device emulates a tpm device in cloud-hypervisor. Read and write support
to a minimal set of control registers is supported.

Non-control commands will be processed as reads and writes to
CRB_DATA_BUFFER. Reads and Writes to this data buffer are forwarded to
swtpm via the configured data_fd.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
59baa29deb arch: Add TPM Address ranges to layouts
Add TPM's CRB Interface specific address ranges to layouts

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
19fdf8bc79 tpm: Add emulator module
Emulator module adds methods required to communicate with swtpm
over Ctrl and Data channels.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
58b902d036 tpm: Add socket module
Add SocketDev struct. Methods in SocketDev will be used to read & write
to Ctrl channel created by swtpm.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
e3213c8a79 tpm: Add library module
Add structures and related methods to process Ctrl requests and responses
from swtpm to tpm library.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Wei Liu
2e2ce47271 hypervisor: do not get and set MSR_IA32_TSC for MSHV
Setting that MSR causes the reference TSC page to be disabled.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2022-11-15 10:19:57 +00:00
Rob Bradford
d3a8332282 tests: Remove test_reboot
There is no need for this test any longer as we have plenty of other
tests that reboot the VM.

Further this test used unmodified bionic image, which not only will be
EOLed soon but also took a long time to shut down as it still had snapd
installed.

Fixes: #4849

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-15 09:30:16 +00:00
dependabot[bot]
c64004b9a9 build: Bump mshv-ioctls from ac9c92f to 1a9ca01
Bumps [mshv-ioctls](https://github.com/rust-vmm/mshv) from `ac9c92f` to `1a9ca01`.
- [Release notes](https://github.com/rust-vmm/mshv/releases)
- [Commits](ac9c92f9b3...1a9ca01801)

---
updated-dependencies:
- dependency-name: mshv-ioctls
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-14 23:45:35 +00:00
Rob Bradford
149e424b6e virtio-devices: block: Return error to driver on writes if read-only
TEST=Boot `--disk readonly=on` along with a guest that tries to write
(unmodified hypervisor-fw) and observe that the virtio device thread no
longer panics.

Fixes: #4888

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-14 15:28:30 +00:00
Wei Liu
b07d471d4f virtio-devices: show the failed block request to help debugging
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2022-11-14 14:19:17 +00:00
Michael Zhao
345e65c9c2 Jenkins: Temporarily turn off AArch64 CI
Temporarily turn off AArch64 integration test in Jenkins for server
maintenance.

Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2022-11-14 08:34:47 +00:00
dependabot[bot]
f93aa42319 build: Bump once_cell from 1.15.0 to 1.16.0
Bumps [once_cell](https://github.com/matklad/once_cell) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/matklad/once_cell/releases)
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](https://github.com/matklad/once_cell/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: once_cell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 08:30:12 +00:00
dependabot[bot]
fa4bf92feb build: Bump io-uring from 0.5.8 to 0.5.9 in /fuzz
Bumps [io-uring](https://github.com/tokio-rs/io-uring) from 0.5.8 to 0.5.9.
- [Release notes](https://github.com/tokio-rs/io-uring/releases)
- [Commits](https://github.com/tokio-rs/io-uring/commits)

---
updated-dependencies:
- dependency-name: io-uring
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 08:30:01 +00:00
Rob Bradford
f30d460fa3 virtio-devices: seccomp: Move mprotect() to virtio common rules
It's perfectly reasonable to expect that if some virtio threads trigger
libc behaviour that needs mprotect() that all virtio threads would do
the same.

Fixes: #4874

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-12 08:29:47 +00:00
Rob Bradford
2c94773bdc docs: seccomp: Enhance strace command to print thread name
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-11 16:47:24 +00:00
dependabot[bot]
9f1d2d34e8 build: Bump darling from 0.14.1 to 0.14.2
Bumps [darling](https://github.com/TedDriggs/darling) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/TedDriggs/darling/releases)
- [Changelog](https://github.com/TedDriggs/darling/blob/master/CHANGELOG.md)
- [Commits](https://github.com/TedDriggs/darling/compare/v0.14.1...v0.14.2)

---
updated-dependencies:
- dependency-name: darling
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-11 08:15:25 +00:00
Rob Bradford
57508a4b1c virtio-net: net: Wait for threads to exit on Drop
It is required to close all file descriptors pointing to an opened TAP
device prior to reopening the TAP device; otherwise it will return
-EBUSY as the device can only be opened once (excluding MQ use cases.)

When rebooting the VM the virtio-net threads would still be running and
so the TAP file descriptor may not have been closed. To ensure that the
TAP FD is closed wait for all the epoll threads to exit after receiving the
KILL_EVENT.

Fixes: #4868

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-10 07:46:16 -08:00
dependabot[bot]
012f2572d5 build: Bump terminal_size from 0.2.1 to 0.2.2
Bumps [terminal_size](https://github.com/eminence/terminal-size) from 0.2.1 to 0.2.2.
- [Release notes](https://github.com/eminence/terminal-size/releases)
- [Commits](https://github.com/eminence/terminal-size/compare/v0.2.1...v0.2.2)

---
updated-dependencies:
- dependency-name: terminal_size
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-10 09:39:09 +00:00