Commit Graph

8364 Commits

Author SHA1 Message Date
dependabot[bot]
fe3506976e build: Bump cc from 1.0.101 to 1.0.104 in /fuzz
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.0.101 to 1.0.104.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.0.101...cc-v1.0.104)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-06 04:54:03 +00:00
Wei Liu
94929889ac vmm: make landlock configs VMM-level config
This requires stashing the config values in `struct Vmm`. The configs
should be validated before before creating the VMM thread. Refactor the
code and update documentation where necessary.

The place where the rules are applied remain the same.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
8452edfcc7 tests: Test live migration with Landlock
Add a test case to check Live Migration with Landlock support.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
466cc5e043 tests: Add disk_hotplug test with Landlock
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
034c674c4c tests: Add a basic Landlock test
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
b785e00317 docs: Add doc for Landlock feature
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
7f6731cd05 vmm: Limit the visibility of Landlock objects
Limit the visibility of objects and methods introduced by Landlock
implementation.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
457fd9ef96 vmm: enable landlock during live migration
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
eea45a2c78 vmm: Enable Landlock in restore path
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
11c17ca319 main: Enable landlock on main thread
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
249e362c70 vmm: Enable Landlock on vmm thread
Add file/dir paths from landlock-rules arguments to ruleset. Invoke
apply_landlock on VmConfig to apply config specific rules to ruleset.

Once done, any threads spawned by vmm thread will be automatically
sandboxed with the ruleset in vmm thread.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
b3e5738b40 vmm: Introduce ApplyLandlock trait
Introduce ApplyLandlock trait and add implementations to VmConfig
elements with PathBufs. This trait adds config specific rules to
landlock ruleset.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
1dd53c3d24 vmm: Enable Landlock on http-server thread
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
130c988380 vmm: Enable Landlock on signal-handler thread
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
8c76a3e4b5 vmm: Enable Landlock on event-monitor thread
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
af5a9677c8 vmm: Introduce Landlock module
This module introduces methods to apply Landlock LSM to cloud-hypervisor
threads.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
1d89f98edf vmm: Introduce landlock-rules cmdline param
Users can use this parameter to pass extra paths that 'vmm' and its
child threads can use at runtime. Hotplug is the primary usecase for
this parameter.

In order to hotplug devices that use local files: disks, memory zones,
pmem devices etc, users can use this option to pass the path/s that will
be used during hotplug while starting cloud-hypervisor. Doing this will
allow landlock to add required rules to grant access to these paths when
cloud-hypervisor process starts.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
287dbd4fc9 vmm: Introduce landlock cmdline parameter
Users can use this cmdline option to enable/disable Landlock based
sandboxing while running cloud-hypervisor.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Praveen K Paladugu
c50ea2c708 vmm: Add seccomp rules to allow landlock syscalls
landlock syscalls are required by event_monitor, signal_handler,
http-server and vmm threads. Rest of the threads are spawned by the vmm
thread and they automatically inherit the ruleset from the vmm thread.

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2024-07-06 04:42:58 +00:00
Wei Liu
14b45e4d2e hypervisor: mshv: handle GPA intercept
We will start receiving GPA intercepts. For our use cases they are
handled the same way as UNMAPPED GPA intercepts.

Put in some logging to distinguish the two cases.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
519476e842 hypervisor: mshv: relax the requirement for instruction emulation
Previously we required the hypervisor to give us a valid instruction
stream. That worked well enough because we never hit any edge conditions
(such as when the instruction stream crosses page boundary).

Now that MSHV can deal with partial or empty instruction stream, we can
remove that requirement.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
5fec858130 hypervisor: mshv: implement fetching instructions in emulator
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
67f22b6aa4 hypervisor: mshv: fix GVA translation flags
Original we checked for R and W, but that code path never got executed.

It is now understood that we can only get here when we execute code. Fix
the permission flags.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
1eb4133034 hypervisor: x86: emulator: set IP properly for newly fetched stream
The default value of IP is zero. If the decoder's state not set
properly, then the guest state is going to be wrong.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
dependabot[bot]
9f3bea3e3f build: Bump anstyle-parse from 0.2.3 to 0.2.4 in /fuzz
Bumps [anstyle-parse](https://github.com/rust-cli/anstyle) from 0.2.3 to 0.2.4.
- [Commits](https://github.com/rust-cli/anstyle/compare/anstyle-parse-v0.2.3...anstyle-parse-v0.2.4)

---
updated-dependencies:
- dependency-name: anstyle-parse
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-03 21:54:50 +00:00
Alyssa Ross
e7c7a304e8 virtio-devices: fix UB getting tty size
TIOCGWINSZ modifies its argument, so it needs to mutably borrow it.
Unfortunately, ioctl()'s signature is not able to enforce this, and
the write happens in the kernel, so I don't think anything like miri,
valgrind, UBSan, etc. would have been able to catch this.

The UB passing an immutable reference caused resulted, for me, in
get_win_size() returning (0, 0) since LLVM commit
9a09c737a052 ("[BasicAA] Make isNotCapturedBeforeOrAt() check for
calls more precise (#69931)").

I've had a look through the other ioctl() calls in Cloud Hypervisor,
and I don't think any others have the same problem.

Signed-off-by: Alyssa Ross <hi@alyssa.is>
2024-07-03 21:26:04 +00:00
Bo Chen
b5cce0d371 build: Enable vfio and sgx worker
This reverts commit 7d84654a79.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2024-07-03 00:34:28 +00:00
Wei Liu
7c608f6380 hypervisor: x86: emulator: accept empty instruction stream input
The emulator should fetch from memory just fine.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
Wei Liu
3ad8d24943 hypervisor: x86: emulator: fix a variable
Comparing RAX with RIP makes no logical sense other than RIP happens to
be the correct value. Use `target_rax` instead.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
Wei Liu
56c6c02724 hypervisor: x86: emulator: test executing only one instruction
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
Wei Liu
19b0ea842b hypervisor: x86: emulator: add the second instruction to test comment
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
dependabot[bot]
16bd88b4b5 build: Bump cc from 1.0.99 to 1.0.101 in /fuzz
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.0.99 to 1.0.101.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/1.0.99...cc-v1.0.101)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-28 00:28:40 +00:00
dependabot[bot]
09136c50b5 build: Bump syn from 2.0.66 to 2.0.68 in /fuzz
Bumps [syn](https://github.com/dtolnay/syn) from 2.0.66 to 2.0.68.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.66...2.0.68)

---
updated-dependencies:
- dependency-name: syn
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-27 17:44:00 +00:00
Nuno Das Neves
380b7d398c build: Bump openssl-src to 3.3.1
Signed-off-by: Nuno Das Neves <nudasnev@microsoft.com>
2024-06-25 18:55:52 +00:00
Nuno Das Neves
764959c9a8 build: Bump libz-sys to 1.1.18
Signed-off-by: Nuno Das Neves <nudasnev@microsoft.com>
2024-06-25 18:55:52 +00:00
Bo Chen
7d84654a79 build: Temporarily disable vfio and sgx worker
The corresponding bare-metal runner needs to be offline for
maintenance.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2024-06-25 17:40:20 +00:00
Julian Stecklina
246cb94dc5 build: Fix license string to comply with SPDX list
cargo-cyclonedx rejects the current license key in Cargo.toml, because
it doesn't comply with the SPDX standard:

  Package cloud-hypervisor has an invalid license expression (LICENSE-APACHE & LICENSE-BSD-3-Clause), using as named license: Invalid Lax SPDX expression: unknown term

Fix by using the names from the SPDX list:
https://spdx.github.io/license-list-data/

Signed-off-by: Julian Stecklina <julian.stecklina@cyberus-technology.de>
2024-06-25 09:14:19 -07:00
dependabot[bot]
165c2c476f build: Bump proc-macro2 from 1.0.83 to 1.0.86 in /fuzz
Bumps [proc-macro2](https://github.com/dtolnay/proc-macro2) from 1.0.83 to 1.0.86.
- [Release notes](https://github.com/dtolnay/proc-macro2/releases)
- [Commits](https://github.com/dtolnay/proc-macro2/compare/1.0.83...1.0.86)

---
updated-dependencies:
- dependency-name: proc-macro2
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-22 09:04:44 +00:00
dependabot[bot]
5e8f380698 build: Bump anyhow from 1.0.82 to 1.0.86 in /fuzz
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.82 to 1.0.86.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.82...1.0.86)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-21 16:45:25 +00:00
Rob Bradford
e9b2639757 build: Release v40.0
Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-06-21 08:40:44 +00:00
dependabot[bot]
98d0aabb99 build: Bump clap from 4.5.4 to 4.5.7 in /fuzz
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.4 to 4.5.7.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.4...v4.5.7)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-20 00:36:09 +00:00
dependabot[bot]
d206586683 build: Bump crossbeam-utils from 0.8.19 to 0.8.20
Bumps [crossbeam-utils](https://github.com/crossbeam-rs/crossbeam) from 0.8.19 to 0.8.20.
- [Release notes](https://github.com/crossbeam-rs/crossbeam/releases)
- [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crossbeam-rs/crossbeam/compare/crossbeam-utils-0.8.19...crossbeam-utils-0.8.20)

---
updated-dependencies:
- dependency-name: crossbeam-utils
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-19 00:32:27 +00:00
dependabot[bot]
19f2800d9e build: Bump clap_lex from 0.7.0 to 0.7.1 in /fuzz
Bumps [clap_lex](https://github.com/clap-rs/clap) from 0.7.0 to 0.7.1.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_lex-v0.7.0...clap_lex-v0.7.1)

---
updated-dependencies:
- dependency-name: clap_lex
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-19 00:09:29 +00:00
Rob Bradford
08cf983d42 build: Fix Cargo.toml formatting
In 42e9632c53 a fix was made to address a
typo in the taplo configuration file. Fixing this typo indicated that
many Cargo.toml files were no longer adhering to the formatting rules.
Fix the formatting by running `taplo fmt`.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-06-18 16:19:12 +00:00
dependabot[bot]
243dc5918c build: Bump regex-automata from 0.4.6 to 0.4.7
Bumps [regex-automata](https://github.com/rust-lang/regex) from 0.4.6 to 0.4.7.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/regex-automata-0.4.6...regex-automata-0.4.7)

---
updated-dependencies:
- dependency-name: regex-automata
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-18 14:26:39 +00:00
Songqian Li
544de7d000 tests: send SIGTERM to kill GuestCommand
Killing CLH by SIGKILL will cause inaccurate code coverage
information. This patch changes the signal to SIGTERM.

Fixes: #6507

Signed-off-by: Songqian Li <sionli@tencent.com>
2024-06-18 08:03:09 +00:00
dependabot[bot]
796db588ea build: Bump serde from 1.0.202 to 1.0.203 in /fuzz
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.202 to 1.0.203.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.202...v1.0.203)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-17 23:59:43 +00:00
dependabot[bot]
397c76dd20 build: Bump cc from 1.0.97 to 1.0.99
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.0.97 to 1.0.99.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Commits](https://github.com/rust-lang/cc-rs/compare/1.0.97...1.0.99)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-15 08:23:35 +00:00
Bo Chen
cdd3ff5e5a virtio-devices: vdpa: Don't restore on paused state
Since vdpa device does not support pause/resume [1], it does not make
sense to restore on paused state.

[1] 099cdd2af8

Signed-off-by: Bo Chen <chen.bo@intel.com>
2024-06-15 07:32:58 +00:00
Bo Chen
6cb76abbf1 virtio-devices: vdpa: Don't error out on resume if not paused
Signed-off-by: Bo Chen <chen.bo@intel.com>
2024-06-15 07:32:58 +00:00