3967 Commits

Author SHA1 Message Date
Wei Liu
1f2915bff0 vmm: hypervisor: split set_user_memory_region to two functions
Previously the same function was used to both create and remove regions.
This worked on KVM because it uses size 0 to indicate removal.

MSHV has two calls -- one for creation and one for removal. It also
requires having the size field available because it is not slot based.

Split set_user_memory_region to {create/remove}_user_memory_region. For
KVM they still use set_user_memory_region underneath, but for MSHV they
map to different functions.

This fixes user memory region removal on MSHV.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2021-07-05 09:45:45 +02:00
Wei Liu
63b8d2eb58 build: bump mshv-{bindings, ioctls} to 3bdb6cae
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2021-07-05 09:45:45 +02:00
Wei Liu
71bbaf556f vmm: seccomp: add seccomp rules for MSHV
Add a minimum set of rules that allow Cloud Hypervisor to run Linux on
top of Microsoft Hypervisor.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2021-07-05 09:44:02 +02:00
Wei Liu
8819bb0f21 vmm: seccomp: make use of KVM feature
The to-be-introduced MSHV rules don't need to contain KVM rules and vice
versa.

Put KVM constants into to a module. This avoids the warnings about
dead code in the future.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2021-07-05 09:44:02 +02:00
dependabot[bot]
215372fd78 build: bump vhost from 9982541 to 50b41b8
Bumps [vhost](https://github.com/rust-vmm/vhost) from `9982541` to `50b41b8`.
- [Release notes](https://github.com/rust-vmm/vhost/releases)
- [Commits](9982541776...50b41b8477)

---
updated-dependencies:
- dependency-name: vhost
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-04 09:00:01 +00:00
Bo Chen
97b3c9b7b6 net_util: queue_pair: Simplify and fix the TX rate limiter
The TX rate limiter didn't correctly handle the `-EAGAIN` situation
where it should replenish the rate-limiter tokens. This patch simplifies
the TX rate-limiter code path by following the similar trade-off made in
the TX rate limiter, where we always let the `last` descriptor
go-through (even if it was over the rate limit. We simply stop
processing the oncoming `descriptors` if any.

Fixes: #2817

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-07-01 09:44:10 +01:00
Rob Bradford
43f1a32859 net_util: queue_pair: Remove -EAGAIN write warning
This warning isn't present on on the read case and we now have better
handling of the -EAGAIN situation including retries.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-06-29 12:31:11 -07:00
Rob Bradford
b45264af75 virtio-devices, net_util, vhost_user_net: Retry writing to TAP
If writing to the TAP returns EAGAIN then listen for the TAP to be
writable. When the TAP becomes writable attempt to process the TX queue
again.

Fixes: #2807

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-06-29 12:31:11 -07:00
Rob Bradford
d9680c4c51 virtio-devices, net_util, vhost_user_net: Rename tap_event_id
When adding a TX version the RX version should be renamed to accomodate
this.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-06-29 12:31:11 -07:00
Rob Bradford
28b80ba42a tests: Change string checking for console success
The output from getty ("login:") does not always appear. This can be
observed interactively when booting the VM. (Mashing return will bring
it up.) Instead of checking for that string to ensure the VM has booted
instead check for a message from systemd to say it has started the SSH
daemon.

Fixes: #2799

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-06-28 17:09:16 +01:00
Rob Bradford
f40e8ce6b7 tests: For test_console_file print out the console file
This should aid debugging of this test flakiness.

See: #2799

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-06-25 08:55:11 -07:00
Rob Bradford
d494d6b837 test_infra: Fix clippy warning (expect_fun_call)
warning: use of `expect` followed by a function call
   --> test_infra/src/lib.rs:598:10
    |
598 |         .expect(&format!("Expected '{}' to run", command))
    |          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try this: `unwrap_or_else(|_| panic!("Expected '{}' to run", command))`
    |
    = note: `#[warn(clippy::expect_fun_call)]` on by default
    = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#expect_fun_call

warning: use of `expect` followed by a function call
   --> test_infra/src/lib.rs:605:10
    |
605 |         .expect(&format!("Expected '{}' to run", command))
    |          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: try this: `unwrap_or_else(|_| panic!("Expected '{}' to run", command))`
    |
    = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#expect_fun_call

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-06-25 08:54:17 -07:00
Henry Wang
48326ce731 tests: Enable test_numa_nodes() on AArch64
Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2021-06-25 10:22:40 +01:00
Henry Wang
054c036e81 vmm: acpi: Add AArch64 vCPUs to SRAT table
This commit introduces the `ProcessorGiccAffinity` struct for the
AArch64 platform. This struct will be created and included into
the SRAT table to enable AArch64 NUMA setup.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2021-06-25 10:22:40 +01:00
Anatol Belski
5e42e0f1f7 tests: Add case for multiple net devices for Windows guest
Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
2021-06-25 10:22:28 +01:00
dependabot[bot]
81ec47b283 build: bump hermit-abi from 0.1.18 to 0.1.19
Bumps [hermit-abi](https://github.com/hermitcore/libhermit-rs) from 0.1.18 to 0.1.19.
- [Release notes](https://github.com/hermitcore/libhermit-rs/releases)
- [Commits](https://github.com/hermitcore/libhermit-rs/commits)

---
updated-dependencies:
- dependency-name: hermit-abi
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-25 09:21:24 +00:00
dependabot[bot]
c101b1f558 build: bump vm-fdt from c89583f to bbfd1e7
Bumps [vm-fdt](https://github.com/rust-vmm/vm-fdt) from `c89583f` to `bbfd1e7`.
- [Release notes](https://github.com/rust-vmm/vm-fdt/releases)
- [Commits](c89583fa49...bbfd1e7719)

---
updated-dependencies:
- dependency-name: vm-fdt
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-25 09:21:20 +00:00
dependabot[bot]
efb0e5a49f build: bump hermit-abi from 0.1.18 to 0.1.19 in /fuzz
Bumps [hermit-abi](https://github.com/hermitcore/libhermit-rs) from 0.1.18 to 0.1.19.
- [Release notes](https://github.com/hermitcore/libhermit-rs/releases)
- [Commits](https://github.com/hermitcore/libhermit-rs/commits)

---
updated-dependencies:
- dependency-name: hermit-abi
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-25 09:21:15 +00:00
Muminul Islam
e214bb9eed hypervisor: implement Display for MSHV VcpuState
This functionality is useful for Snapshot/Restore debugging.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2021-06-24 09:02:36 -07:00
Muminul Islam
5cd82cb2e2 hypervisor: implement get_suspend_regs for MSHV vcpu trait
This vcpu API is necessary for MSHV related debugging.
These two registers controls the vcpu_run in the
/dev/mshv driver code.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2021-06-24 09:02:36 -07:00
Michael Zhao
cff190fa5f tests: Enable --all option in AArch64 clippy test
Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2021-06-24 08:59:53 -07:00
Michael Zhao
7ba3eeda98 devices: Fix clippy warnings on AArch64
Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2021-06-24 08:59:53 -07:00
Michael Zhao
239e39ddbc vmm: Fix clippy warnings on AArch64
Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2021-06-24 08:59:53 -07:00
Bo Chen
5768dcc320 vmm: Refactor slightly vm_boot and 'control_loop'
It ensures all handlers for `ApiRequest` in `control_loop` are
consistent and minimum and should read better.

No functional changes.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-06-24 16:01:39 +02:00
Bo Chen
1075209e2a vmm: Handle ApiRequest::VmCreate in a separate function
It simplifies a bit the `Vmm::control_loop` and reads better to be
consistent with other `ApiRequest` handlers. Also, it removes the
repetitive `ApiError::VmAlreadyCreated` and makes `ApiError::VmCreate`
useful.

No functional changes.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-06-24 16:01:39 +02:00
Michael Zhao
54c552f90d docs: Update arm64 doc
Simplified the build instruction on arm64.
And the binary built with default option can be used for both UEFI and
direct-kernel test.

Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2021-06-24 13:13:27 +01:00
Michael Zhao
d330d91e1a tests: Optimize integration test on AArch64
AArch64 tests were divided into 2 steps:
- Build and test with 'acpi' feature
- Build and test without 'acpi'

This can be optimized. We need only to build and test once with default
features ('acpi' is enabled).

On AArch64, ACPI only works with UEFI. If UEFI is not available, guest
kernel fall back to use FDT. Most AArch64 test cases boot from direct
kernel, the guest will keep using FDT even if ACPI is enabled. So
nothing is broken.

Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2021-06-24 13:13:27 +01:00
Michael Zhao
3613b4c096 aarch64: Enable default build option
We have been building Cloud Hypervisor with command like:
`cargo build --no-default-features --features ...`.

After implementing ACPI, we donot have to use specify all features
explicitly. Default build command `cargo build` can work.

This commit fixed some build warnings with default build option and
changed github workflow correspondingly.

Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2021-06-24 13:13:27 +01:00
Michael Zhao
45c4d1a06e aarch64: Reduce UEFI space size to 4 MiB
UEFI need to be loaded to a flash area at the beginning of guest memory
address space. To simulate the flash, we take a piece of RAM and hide
it to the guest. As this is a temporary solution, the hiden RAM for UEFI
should be as little as possible. The size was 64 MiB, that's too much,
4 MiB is enough.

The down side of such simulation is that there is a gap (4 MiB) between
the memory size in VMM's view and that in guest's view. This is to be
fixed by implementing a flash device in future.

Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2021-06-24 13:13:27 +01:00
Sebastien Boeuf
d4d62fc9dc deps: Update vhost crate from 1a03a2a to 9982541
This dependency bump needed some manual handling since the API changed
quite a lot regarding some RawFd being changed into either File or
AsRawFd traits.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2021-06-24 13:13:19 +01:00
Bo Chen
c4be0f4235 clippy: Address the issue 'needless-collect'
error: avoid using `collect()` when not needed
   --> vmm/src/vm.rs:630:86
    |
630 |             let node_id_list: Vec<u32> = configs.iter().map(|cfg| cfg.guest_numa_id).collect();
    |                                                                                      ^^^^^^^
...
664 |                         if !node_id_list.contains(&dest) {
    |                             ---------------------------- the iterator could be used here instead
    |
    = note: `-D clippy::needless-collect` implied by `-D warnings`
    = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#needless_collect

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-06-24 08:55:43 +02:00
Bo Chen
5825ab2dd4 clippy: Address the issue 'needless-borrow'
Issue from beta verion of clippy:

Error:    --> vm-virtio/src/queue.rs:700:59
    |
700 |             if let Some(used_event) = self.get_used_event(&mem) {
    |                                                           ^^^^ help: change this to: `mem`
    |
    = note: `-D clippy::needless-borrow` implied by `-D warnings`
    = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-06-24 08:55:43 +02:00
Bo Chen
585269ecb9 clippy: Address the issue 'field is never read'
Issue from beta verion of clippy:

error: field is never read: `type`
   --> vmm/src/cpu.rs:235:5
    |
235 |     pub r#type: u8,
    |     ^^^^^^^^^^^^^^
    |
    = note: `-D dead-code` implied by `-D warnings`

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-06-24 08:55:43 +02:00
Muminul Islam
5432cbfaad hypervisor: Set MTRRdefType in MSHV guest initialization to enable cpu caching
Initialize MTRR defType register the same way the KVM code does - WB caching by default.
Tested with latest mshv code.

Without this patch, these lines are present in guest serial log:
[ 0.000032] x86/PAT: MTRRs disabled, skipping PAT initialization too.
[ 0.000036] CPU MTRRs all blank - virtualized system.
This indicates the guest is detecting the set MTRR.

Signed-off-by: Nuno Das Neves <nudasnev@microsoft.com>
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2021-06-23 17:44:24 +01:00
Rob Bradford
4d25eaa24a vmm: Add I/O port range to PCI bus resources
The Linux kernel expects that any PCI devices that advertise I/O bars
have use an address that is within the range advertised by the bus
itself. Unfortunately we were not advertising any I/O ports associated
with the PCI bus in the ACPI tables.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-06-23 16:48:52 +01:00
dependabot[bot]
58461ce250 build: bump vhost from 2e4396c to 1a03a2a
Bumps [vhost](https://github.com/rust-vmm/vhost) from `2e4396c` to `1a03a2a`.
- [Release notes](https://github.com/rust-vmm/vhost/releases)
- [Commits](2e4396c9cc...1a03a2aca7)

---
updated-dependencies:
- dependency-name: vhost
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-23 07:52:22 +00:00
dependabot[bot]
57762d4328 build: bump mshv-ioctls from c2c3079 to 06cb96c
Bumps [mshv-ioctls](https://github.com/cloud-hypervisor/mshv) from `c2c3079` to `06cb96c`.
- [Release notes](https://github.com/cloud-hypervisor/mshv/releases)
- [Commits](c2c30794f4...06cb96ccd1)

---
updated-dependencies:
- dependency-name: mshv-ioctls
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-22 18:32:56 +00:00
Muminul Islam
652e30c97d hypervisor: Fix clippy error on MSHV
This patch addresses this issue https://github.com/rust-lang/rust-bindgen/pull/2064.
While we access field of packed struct the compiler can generate the
correct code to create a temporary variable to access the packed struct
field. Access withing {} ensures that.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2021-06-22 10:37:28 -07:00
Muminul Islam
49e061d15b hypervisor: Fix hv_translate_gva_result_code with correct value
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2021-06-22 10:37:28 -07:00
Muminul Islam
28ad84c207 build: bump mshv-{bindings, ioctls} from 1024e9a to c2c3079
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2021-06-22 10:37:28 -07:00
Michael Zhao
b546afd196 docs: Update arm64 document
Adjusted the document structure and added ACPI related content.

Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2021-06-22 09:36:27 -07:00
dependabot[bot]
6974b378f3 build: bump openssl-sys from 0.9.63 to 0.9.65
Bumps [openssl-sys](https://github.com/sfackler/rust-openssl) from 0.9.63 to 0.9.65.
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.63...openssl-sys-v0.9.65)

---
updated-dependencies:
- dependency-name: openssl-sys
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-22 10:22:59 +00:00
Sebastien Boeuf
4d36ecef9e tests: Fix virtio_balloon integration test
The virtio_balloon test is a bit flaky since we can't really know how
much the balloon is gonna be deflated when the guest is under memory
pressure. That's why it's safer to simply check that the balloon is not
the initial size anymore.

One small detail, but we don't need to check for the balloon size to be
higher than 0 since the returned value is a u64.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2021-06-22 11:49:53 +02:00
dependabot[bot]
8a02cb3378 build: bump vcpkg from 0.2.14 to 0.2.15
Bumps [vcpkg](https://github.com/mcgoo/vcpkg-rs) from 0.2.14 to 0.2.15.
- [Release notes](https://github.com/mcgoo/vcpkg-rs/releases)
- [Changelog](https://github.com/mcgoo/vcpkg-rs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mcgoo/vcpkg-rs/compare/vcpkg-rs-0.2.14...vcpkg-rs-0.2.15)

---
updated-dependencies:
- dependency-name: vcpkg
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-22 07:39:11 +00:00
dependabot[bot]
15112ae1b6 build: bump rustc-demangle from 0.1.19 to 0.1.20
Bumps [rustc-demangle](https://github.com/alexcrichton/rustc-demangle) from 0.1.19 to 0.1.20.
- [Release notes](https://github.com/alexcrichton/rustc-demangle/releases)
- [Commits](https://github.com/alexcrichton/rustc-demangle/compare/0.1.19...0.1.20)

---
updated-dependencies:
- dependency-name: rustc-demangle
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-21 17:53:34 +00:00
Sebastien Boeuf
c93b7037b4 Jenkinsfile: Update the way to download private images
Since we ran into issues while using the Azure credentials plugin for
Jenkins, let's rely directly on the Azure CLI to download the Windows
guest image along with the modified OVMF firmware.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2021-06-21 19:20:37 +02:00
Rob Bradford
56c3073da4 github: Check files are not modified during build
Fixes: #2773

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-06-18 17:47:43 +02:00
Rob Bradford
cee5508e9b build: Add missing Cargo.lock change
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-06-18 16:01:25 +01:00
Rob Bradford
b56e1217b6 vmm: tdx: Add KVM_FEATURE_STEAL_TIME_BIT to filtered bits
Filter out the KVM_FEATURE_STEAL_TIME_BIT when running with TDX.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-06-18 15:54:10 +01:00
Rob Bradford
fb2e8b6817 Jenkins: Migrate workers to Hirsute Hippo
Groovy is EOLed on 2021-07-22.

Fixes: #2769

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-06-18 11:44:56 +02:00