Commit Graph

6913 Commits

Author SHA1 Message Date
Rob Bradford
a9e30c88df README: Update version of Rust Hypervisor Firmware
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-16 08:11:22 -08:00
dependabot[bot]
1666375a31 build: Bump vfio-ioctls from bf7c9b9 to ad86d84
Bumps [vfio-ioctls](https://github.com/rust-vmm/vfio) from `bf7c9b9` to `ad86d84`.
- [Release notes](https://github.com/rust-vmm/vfio/releases)
- [Commits](bf7c9b997b...ad86d843a2)

---
updated-dependencies:
- dependency-name: vfio-ioctls
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-16 11:26:45 +00:00
dependabot[bot]
9a0be7db3a build: Bump uuid from 1.2.1 to 1.2.2 in /fuzz
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.2.1...1.2.2)

---
updated-dependencies:
- dependency-name: uuid
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-15 23:17:26 +00:00
Praveen K Paladugu
324c5deb37 docs: Add doc for using and testing tpm device
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
09e79a5e9b vmm: Add tpm device to mmio bus
Add tpm device to mmio bus if appropriate cmdline arguments were
passed.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
af261f231c vmm: Add required acpi entries for vtpm device
Add an TPM2 entry to DSDT ACPI table. Add a TPM2 table to guest's ACPI.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
7122e2989c vmm: Add tpm parameter
Add an optional --tpm parameter that takes UNIX Domain
Socket from swtpm.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
d0b253d15f devices: Add tpm device
This device emulates a tpm device in cloud-hypervisor. Read and write support
to miminal set of control registers is supported.

Non-control commands will be processed as reads and write to
CRB_DATA_BUFFER. Reads and Writes to this data buffer are forwarded to
swtpm via the configured data_fd.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
59baa29deb arch: Add TPM Address ranges to layouts
Add TPM's CRB Interface specific address ranges to layouts

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
19fdf8bc79 tpm: Add emulator module
Emulator module adds methods required to communicate with swtpm
over Ctrl and Data channels.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
58b902d036 tpm: Add socket module
Add SocketDev struct. Methods in SocketDev will be used to read & write
to Ctrl channel created by swtpm.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
e3213c8a79 tpm: Add library module
Add structures and related methods to process Ctrl requests and responses
from swtpm to tpm library.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Wei Liu
2e2ce47271 hypervisor: do not get and set MSR_IA32_TSC for MSHV
Setting that MSR causes the reference TSC page to be disabled.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2022-11-15 10:19:57 +00:00
Rob Bradford
d3a8332282 tests: Remove test_reboot
There is no need for this test any longer as we have plenty of other
tests that reboot the VM.

Further this test used unmodified bionic image, which not only will be
EOLed soon but also took a long time to shutdown as it still had snapd
installed.

Fixes: #4849

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-15 09:30:16 +00:00
dependabot[bot]
c64004b9a9 build: Bump mshv-ioctls from ac9c92f to 1a9ca01
Bumps [mshv-ioctls](https://github.com/rust-vmm/mshv) from `ac9c92f` to `1a9ca01`.
- [Release notes](https://github.com/rust-vmm/mshv/releases)
- [Commits](ac9c92f9b3...1a9ca01801)

---
updated-dependencies:
- dependency-name: mshv-ioctls
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-14 23:45:35 +00:00
Rob Bradford
149e424b6e virtio-devices: block: Return error to driver on writes if read-only
TEST=Boot `--disk readonly=on` along with a guest that tries to write
(unmodified hypervisor-fw) and observe that the virtio device thread no
longer panics.

Fixes: #4888

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-14 15:28:30 +00:00
Wei Liu
b07d471d4f virtio-devices: show the failed block request to help debugging
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2022-11-14 14:19:17 +00:00
Michael Zhao
345e65c9c2 Jenkins: Temporarily turn off AArch64 CI
Temporarily turn off AArch64 integration test in Jenkins for server
maintenance.

Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2022-11-14 08:34:47 +00:00
dependabot[bot]
f93aa42319 build: Bump once_cell from 1.15.0 to 1.16.0
Bumps [once_cell](https://github.com/matklad/once_cell) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/matklad/once_cell/releases)
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](https://github.com/matklad/once_cell/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: once_cell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 08:30:12 +00:00
dependabot[bot]
fa4bf92feb build: Bump io-uring from 0.5.8 to 0.5.9 in /fuzz
Bumps [io-uring](https://github.com/tokio-rs/io-uring) from 0.5.8 to 0.5.9.
- [Release notes](https://github.com/tokio-rs/io-uring/releases)
- [Commits](https://github.com/tokio-rs/io-uring/commits)

---
updated-dependencies:
- dependency-name: io-uring
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 08:30:01 +00:00
Rob Bradford
f30d460fa3 virtio-devices: seccomp: Move mprotect() to virtio common rules
It's perfectly reasonable to expect if that some virtio threads trigger
libc behaviour that needs mprotect() that all virtio threads would do
the same.

Fixes: #4874

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-12 08:29:47 +00:00
Rob Bradford
2c94773bdc docs: seccomp: Enhance strace command to print thread name
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-11 16:47:24 +00:00
dependabot[bot]
9f1d2d34e8 build: Bump darling from 0.14.1 to 0.14.2
Bumps [darling](https://github.com/TedDriggs/darling) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/TedDriggs/darling/releases)
- [Changelog](https://github.com/TedDriggs/darling/blob/master/CHANGELOG.md)
- [Commits](https://github.com/TedDriggs/darling/compare/v0.14.1...v0.14.2)

---
updated-dependencies:
- dependency-name: darling
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-11 08:15:25 +00:00
Rob Bradford
57508a4b1c virtio-net: net: Wait for threads to exit on Drop
It is required to close all file descriptors pointing to an opened TAP
device prior to reopening the TAP device; otherwise it will return
-EBUSY as the device can only be opened once (excluding MQ use cases.)

When rebooting the VM the virtio-net threads would still be running and
so the TAP file descriptor may not have been closed. To ensure that the
TAP FD is closed wait for all the epoll threads to exit after receiving the
KILL_EVENT.

Fixes: #4868

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-10 07:46:16 -08:00
dependabot[bot]
012f2572d5 build: Bump terminal_size from 0.2.1 to 0.2.2
Bumps [terminal_size](https://github.com/eminence/terminal-size) from 0.2.1 to 0.2.2.
- [Release notes](https://github.com/eminence/terminal-size/releases)
- [Commits](https://github.com/eminence/terminal-size/compare/v0.2.1...v0.2.2)

---
updated-dependencies:
- dependency-name: terminal_size
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-10 09:39:09 +00:00
dependabot[bot]
b9dbe3a2f7 build: Bump rustix from 0.35.12 to 0.35.13 in /fuzz
Bumps [rustix](https://github.com/bytecodealliance/rustix) from 0.35.12 to 0.35.13.
- [Release notes](https://github.com/bytecodealliance/rustix/releases)
- [Commits](https://github.com/bytecodealliance/rustix/compare/v0.35.12...v0.35.13)

---
updated-dependencies:
- dependency-name: rustix
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-09 23:43:39 +00:00
Rob Bradford
6230929d51 openapi: Add thp option to MemoryConfig
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-09 16:51:21 +00:00
Rob Bradford
04d034a0bc docs: Update memory.md for THP
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-09 16:51:21 +00:00
Rob Bradford
f603afc46e vmm: Make Transparent Huge Pages controllable (default on)
Add MemoryConfig::thp and `--memory thp=on|off` to allow control of
Transparent Huge Pages.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-09 16:51:21 +00:00
Rob Bradford
b68add2d0d vmm: Enable THP when using anonymous memory
If the memory is not backed by a file then it is possible to enable
Transparent Huge Pages on the memory and take advantage of the benefits
of huge pages without requiring the specific allocation of an appropriate
number of huge pages.

TEST=Boot and see that in /proc/`pidof cloud-hypervisor`/smaps that the
region is now THPeligible (and that also pages are being used.)

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-09 16:51:21 +00:00
dependabot[bot]
0f44db5da4 build: Bump openssl-src from 111.23.0+1.1.1r to 111.24.0+1.1.1s
Bumps [openssl-src](https://github.com/alexcrichton/openssl-src-rs) from 111.23.0+1.1.1r to 111.24.0+1.1.1s.
- [Release notes](https://github.com/alexcrichton/openssl-src-rs/releases)
- [Commits](https://github.com/alexcrichton/openssl-src-rs/commits)

---
updated-dependencies:
- dependency-name: openssl-src
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-08 23:44:15 +00:00
dependabot[bot]
a7dccf94cf build: Bump terminal_size from 0.2.1 to 0.2.2 in /fuzz
Bumps [terminal_size](https://github.com/eminence/terminal-size) from 0.2.1 to 0.2.2.
- [Release notes](https://github.com/eminence/terminal-size/releases)
- [Commits](https://github.com/eminence/terminal-size/compare/v0.2.1...v0.2.2)

---
updated-dependencies:
- dependency-name: terminal_size
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-08 23:36:26 +00:00
Jianyong Wu
0e6e539d9b AArch64/fdt: fix PMU irqflag calculation
Currently, CPU mask involved into PMU irqflag caculation which is used
for Gicv2. It limits the CPU number up to 31. For Gicv3+, CPU mask is no
longer needed. More info see [1].

Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>

[1] https://lore.kernel.org/all/165668798833.3744902.12084627427900181326.b4-ty@kernel.org/t/
2022-11-08 11:24:11 +00:00
dependabot[bot]
1cb1cff882 build: Bump env_logger from 0.9.1 to 0.9.3
Bumps [env_logger](https://github.com/env-logger-rs/env_logger) from 0.9.1 to 0.9.3.
- [Release notes](https://github.com/env-logger-rs/env_logger/releases)
- [Changelog](https://github.com/env-logger-rs/env_logger/blob/main/CHANGELOG.md)
- [Commits](https://github.com/env-logger-rs/env_logger/compare/v0.9.1...v0.9.3)

---
updated-dependencies:
- dependency-name: env_logger
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 23:55:26 +00:00
dependabot[bot]
fefbc356a2 build: Bump once_cell from 1.15.0 to 1.16.0 in /fuzz
Bumps [once_cell](https://github.com/matklad/once_cell) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/matklad/once_cell/releases)
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md)
- [Commits](https://github.com/matklad/once_cell/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: once_cell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 23:52:05 +00:00
Muminul Islam
8b37448d28 tests: Disable test_snapshot_restore_hotplug_virtiomem for MSHV
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2022-11-04 12:24:33 -07:00
Muminul Islam
92d083f593 tests: Add a basic test for snapshot/retsore
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2022-11-04 12:24:33 -07:00
Muminul Islam
58d8795b53 tests: Make a wrapper function for snapshot/restore
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2022-11-04 12:24:33 -07:00
Bo Chen
b37e2ed378 virtio-devices: mem: Handle integer overflow properly
An integer overflow from our virtio-mem device can be triggered
from (misbehaved) guest driver with malicious requests. This patch
handles this integer overflow explicitly and treats it as an invalid
request.

Note: this bug was detected by our virtio-mem fuzzer through 'oss-fuzz'.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-11-04 09:33:21 +00:00
Bo Chen
ef8fb9bd25 fuzz: Add fuzzer for virtio-console
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-11-03 09:10:41 -07:00
Bo Chen
cfafc85b9c virtio-devices: Custom 'EpollHelper::run_with_timeout' for fuzz
To support all virtio-devices, this patch replaces the customized
EpollHelper::run` with customized `EpollHelper::run_with_timeout` for
fuzzing.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-11-03 09:10:41 -07:00
Bo Chen
683491a955 virtio-devices: console: Provide 'wait_for_epoll_threads'
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-11-03 09:10:41 -07:00
dependabot[bot]
2bbb08b2a4 build: Bump io-uring from 0.5.7 to 0.5.8
Bumps [io-uring](https://github.com/tokio-rs/io-uring) from 0.5.7 to 0.5.8.
- [Release notes](https://github.com/tokio-rs/io-uring/releases)
- [Commits](https://github.com/tokio-rs/io-uring/commits)

---
updated-dependencies:
- dependency-name: io-uring
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-02 23:56:43 +00:00
dependabot[bot]
b77eb63688 build: Bump darling from 0.14.1 to 0.14.2 in /fuzz
Bumps [darling](https://github.com/TedDriggs/darling) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/TedDriggs/darling/releases)
- [Changelog](https://github.com/TedDriggs/darling/blob/master/CHANGELOG.md)
- [Commits](https://github.com/TedDriggs/darling/compare/v0.14.1...v0.14.2)

---
updated-dependencies:
- dependency-name: darling
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-02 23:51:00 +00:00
Rob Bradford
6722c303b0 docs: Fix broken link in windows.md
Fixes: #4840

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-02 11:40:44 +00:00
Rob Bradford
6e0bd73c90 build: Bump linux-loader from 0.6.0 to 0.7.0
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-02 11:02:00 +00:00
Rob Bradford
103fe1f48b tests: Skip building kernel if already present
When running the glibc and musl integration tests on the CI after each
other skip building the kernel a second time.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-02 09:42:07 +00:00
Rob Bradford
f4e1b72477 build: Consolidate integration testing to reused built assets
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-02 09:42:07 +00:00
Rob Bradford
65628e8d94 build: Run linter over Jenkinsfile
This has resulted in the content being indented with spaces rather tabs
per Groovy coding style.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-02 09:42:07 +00:00
dependabot[bot]
851de1e0b3 build: Bump io-uring from 0.5.7 to 0.5.8 in /fuzz
Bumps [io-uring](https://github.com/tokio-rs/io-uring) from 0.5.7 to 0.5.8.
- [Release notes](https://github.com/tokio-rs/io-uring/releases)
- [Commits](https://github.com/tokio-rs/io-uring/commits)

---
updated-dependencies:
- dependency-name: io-uring
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-02 09:21:17 +00:00