Commit Graph

8184 Commits

Author SHA1 Message Date
Wenyu Huang
4299815a67 vmm: allow to call fcntl in debug
This fixes an issue of running vm compiled in debug with Rust
1.80.0 or later, where this check was introduced.

Signed-off-by: Wenyu Huang <huangwenyuu@outlook.com>
2024-08-27 18:13:21 +00:00
Anirudh Rayabharam
f63c2d896f hypervisor: mshv: implement get_guest_debug_hw_bps
Implement get_guest_debug_hw_bps() for mshv and simply return 0 for now.
This unblocks the usage of the crashdump feature with mshv. If left
unimplemented, Cloud Hypervisor built with mshv and guest_debug features
crashes immediately upon start due to unimplemented!() macro.

Signed-off-by: Anirudh Rayabharam <anrayabh@microsoft.com>
2024-08-27 16:11:52 +00:00
dependabot[bot]
c3a83d2b6a build: Bump anstream from 0.6.14 to 0.6.15
Bumps [anstream](https://github.com/rust-cli/anstyle) from 0.6.14 to 0.6.15.
- [Commits](https://github.com/rust-cli/anstyle/compare/anstream-v0.6.14...anstream-v0.6.15)

---
updated-dependencies:
- dependency-name: anstream
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-27 00:38:52 +00:00
dependabot[bot]
8c146db313 build: Bump piper from 0.2.3 to 0.2.4
Bumps [piper](https://github.com/smol-rs/piper) from 0.2.3 to 0.2.4.
- [Release notes](https://github.com/smol-rs/piper/releases)
- [Changelog](https://github.com/smol-rs/piper/blob/main/CHANGELOG.md)
- [Commits](https://github.com/smol-rs/piper/compare/v0.2.3...v0.2.4)

---
updated-dependencies:
- dependency-name: piper
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-24 00:23:06 +00:00
dependabot[bot]
3c4be55b3b build: Bump wasm-bindgen from 0.2.92 to 0.2.93 in /fuzz
Bumps [wasm-bindgen](https://github.com/rustwasm/wasm-bindgen) from 0.2.92 to 0.2.93.
- [Release notes](https://github.com/rustwasm/wasm-bindgen/releases)
- [Changelog](https://github.com/rustwasm/wasm-bindgen/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustwasm/wasm-bindgen/compare/0.2.92...0.2.93)

---
updated-dependencies:
- dependency-name: wasm-bindgen
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-23 08:58:18 +00:00
dependabot[bot]
a43d46edb0 build: Bump utf8parse from 0.2.1 to 0.2.2
Bumps [utf8parse](https://github.com/alacritty/vte) from 0.2.1 to 0.2.2.
- [Release notes](https://github.com/alacritty/vte/releases)
- [Changelog](https://github.com/alacritty/vte/blob/master/CHANGELOG.md)
- [Commits](https://github.com/alacritty/vte/compare/utf8parse_v0.2.1...utf8parse_v0.2.2)

---
updated-dependencies:
- dependency-name: utf8parse
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-23 00:01:36 +00:00
Tom Dohrmann
ca88d4449e hypervisor: mshv: Fix panic when rejecting extended guest report
swei2_rw_gpa_arg.data is an array of size 16 and value.to_le_bytes() is
only 8 bytes.

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
2024-08-22 18:13:50 +00:00
Rob Bradford
ce49a6f4b8 github: Disable ARM64 worker
This machine is no longer available.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-08-22 11:13:14 -07:00
dependabot[bot]
7f99ef2a92 build: Bump anstyle from 1.0.7 to 1.0.8
Bumps [anstyle](https://github.com/rust-cli/anstyle) from 1.0.7 to 1.0.8.
- [Commits](https://github.com/rust-cli/anstyle/compare/v1.0.7...v1.0.8)

---
updated-dependencies:
- dependency-name: anstyle
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-22 14:58:28 +00:00
dependabot[bot]
3c9f2f6914 build: Bump serde_json from 1.0.120 to 1.0.125 in /fuzz
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.120 to 1.0.125.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.120...1.0.125)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-22 14:58:28 +00:00
dependabot[bot]
5f814308d6 build: Bump clap from 4.5.4 to 4.5.13
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.4 to 4.5.13.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.4...clap_complete-v4.5.13)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-20 00:02:25 +00:00
dependabot[bot]
5b58854ae9 build: Bump serde_derive from 1.0.203 to 1.0.208 in /fuzz
Bumps [serde_derive](https://github.com/serde-rs/serde) from 1.0.203 to 1.0.208.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.203...v1.0.208)

---
updated-dependencies:
- dependency-name: serde_derive
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-19 23:53:22 +00:00
Jinank Jain
4c99aea6c4 hypervisor: Switch to use the new StandardRegisters
With this we are removing the CloudHypervisor definition of
StandardRegisters instead using an enum which contains different
variants of StandardRegisters coming from their bindings crate.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-19 21:41:22 +00:00
Jinank Jain
8f3bd4d9ec hypervisor: Implement getter/setter for StandardRegisters
This would be used to abstract away differences in KVM/MSHV
representation of StandardRegisters.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-19 21:41:22 +00:00
Jinank Jain
feb0a36067 hypervisor: Implement StandardRegisters as union of KVM & MSHV
Currently we are redefining StandardRegisters instead of using the ones
coming from bindings. With this we can remove the unnecessary
construction of global structure which contains fields from different
hypervisor dependent structs.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-19 21:41:22 +00:00
Jinank Jain
3645654c39 hypervisor: Add an API to create default StandardRegisters
This will be used to create StandardRegisters for a given vcpu in
future.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-19 21:41:22 +00:00
dependabot[bot]
a229afbc24 build: Bump serde from 1.0.203 to 1.0.208
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.203 to 1.0.208.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.203...v1.0.208)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-17 00:02:04 +00:00
dependabot[bot]
fd561f4034 build: Bump anstyle-parse from 0.2.4 to 0.2.5 in /fuzz
Bumps [anstyle-parse](https://github.com/rust-cli/anstyle) from 0.2.4 to 0.2.5.
- [Commits](https://github.com/rust-cli/anstyle/compare/anstyle-parse-v0.2.4...anstyle-parse-v0.2.5)

---
updated-dependencies:
- dependency-name: anstyle-parse
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-16 23:51:24 +00:00
dependabot[bot]
b9c885b5b8 build: Bump memchr from 2.7.2 to 2.7.4 in /fuzz
Bumps [memchr](https://github.com/BurntSushi/memchr) from 2.7.2 to 2.7.4.
- [Commits](https://github.com/BurntSushi/memchr/compare/2.7.2...2.7.4)

---
updated-dependencies:
- dependency-name: memchr
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-16 00:22:47 +00:00
dependabot[bot]
4ee3f2bde9 build: Bump acpi_tables from 925e3f8 to e268627
Bumps [acpi_tables](https://github.com/rust-vmm/acpi_tables) from `925e3f8` to `e268627`.
- [Commits](925e3f8aff...e268627630)

---
updated-dependencies:
- dependency-name: acpi_tables
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-15 23:53:50 +00:00
Rob Bradford
ea3e2ff625 build: Release v41.0
Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-08-15 16:50:09 +00:00
ihciah
3320015793 virtio-devices: net: reduce vec allocations for iovec conversion
Signed-off-by: ihciah <ihciah@gmail.com>
2024-08-15 11:56:46 +00:00
dependabot[bot]
9113544e21 build: Bump anstyle-wincon from 3.0.3 to 3.0.4
Bumps [anstyle-wincon](https://github.com/rust-cli/anstyle) from 3.0.3 to 3.0.4.
- [Commits](https://github.com/rust-cli/anstyle/compare/anstyle-wincon-v3.0.3...anstyle-wincon-v3.0.4)

---
updated-dependencies:
- dependency-name: anstyle-wincon
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-15 07:02:09 +00:00
dependabot[bot]
8c526891ac build: Bump cc from 1.1.10 to 1.1.11 in /fuzz
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.1.10 to 1.1.11.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.1.10...cc-v1.1.11)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-15 00:33:32 +00:00
Wei Liu
78a30012fb pci: validate index before accessing MSI-X arrays
The index is derived from the access offset, so it is controlled by the
guest. Check it before accessing internal data structures.

Since Rust enforces strict bound check even in release builds, the VMM
process will crash if the guest misbehaves. There is no security issue
since the guest can only DoS itself.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-08-14 08:01:25 +00:00
dependabot[bot]
c5c751c478 build: Bump cc from 1.1.7 to 1.1.10 in /fuzz
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.1.7 to 1.1.10.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Changelog](https://github.com/rust-lang/cc-rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/cc-rs/compare/cc-v1.1.7...cc-v1.1.10)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-14 00:49:14 +00:00
dependabot[bot]
f92cce888b build: Bump signal-hook-registry from 1.4.1 to 1.4.2
Bumps [signal-hook-registry](https://github.com/vorner/signal-hook) from 1.4.1 to 1.4.2.
- [Changelog](https://github.com/vorner/signal-hook/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vorner/signal-hook/compare/registry-v1.4.1...registry-v1.4.2)

---
updated-dependencies:
- dependency-name: signal-hook-registry
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-13 23:49:52 +00:00
Nuno Das Neves
00b4d97826 vmm: Replace hardcoded mshv IOCTL numbers in seccomp
Use the IOCTL numbers directly from mshv-ioctls instead of hardcoding
them in the seccomp filters.

Remove seccomp rules for unused ioctls:
MSHV_GET_VERSION_INFO,
MSHV_ASSERT_INTERRUPT.

Signed-off-by: Nuno Das Neves <nudasnev@microsoft.com>
2024-08-13 18:52:46 +00:00
Jinank Jain
3fe7d6d904 hypervisor: mshv: Disable previous GHCB page before setting new one
CVM guests can configure GHCB page multiple times during its
lifetime depending on its requirement. For example a Linux CVM guest
configures a different GHCB page during compressed kernel boot and sets
up a new one after decompressing the kernel. As a cleanup step, VMM
should unset the previous GHCB page before registering a new one for
a particular vcpu thread.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-13 16:59:31 +00:00
Alyssa Ross
02f146fef8 hypervisor: kvm: aarch64: fix get_device_attr() UB
DeviceFd::get_device_attr should be marked as unsafe, because it
allows writing to an arbitrary address.  I have opened a kvm-ioctls
PR[1] to fix this.  The hypervisor crate was using the function
unsafely by passing it addresses of immutable variables.  I noticed
this because an optimisation change[2] in Rust 1.80.0 caused the
kvm::aarch64::gic::tests::test_get_set_icc_regs test to start failing
when built in release mode.

To fix this, I've broken up the _access functions into _set and _get
variants, with the _get variant using a pointer to a mutable variable.
This has the side effect of making these functions a bit nicer to use,
because the caller now has no need to use references at all, for
either getting or setting.

[1]: https://github.com/rust-vmm/kvm-ioctls/pull/273
[2]: d2d24e395a

Signed-off-by: Alyssa Ross <hi@alyssa.is>
2024-08-13 16:16:11 +00:00
dependabot[bot]
36cdd67b9c build: Bump bitflags from 2.5.0 to 2.6.0
Bumps [bitflags](https://github.com/bitflags/bitflags) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/bitflags/bitflags/releases)
- [Changelog](https://github.com/bitflags/bitflags/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bitflags/bitflags/compare/2.5.0...2.6.0)

---
updated-dependencies:
- dependency-name: bitflags
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-13 00:21:45 +00:00
dependabot[bot]
92b12ce2f4 build: Bump anstream from 0.6.14 to 0.6.15 in /fuzz
Bumps [anstream](https://github.com/rust-cli/anstyle) from 0.6.14 to 0.6.15.
- [Commits](https://github.com/rust-cli/anstyle/compare/anstream-v0.6.14...anstream-v0.6.15)

---
updated-dependencies:
- dependency-name: anstream
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-12 23:51:09 +00:00
Alyssa Ross
cbb588c380 virtio-devices: allow vsock to call fcntl in debug
This fixes the vsock::device::tests::test_virtio_device test with Rust
1.80.0 or later, where this check was introduced.

Signed-off-by: Alyssa Ross <hi@alyssa.is>
2024-08-12 20:13:13 +00:00
Wei Liu
1c7997c5c3 hypervisor: x86: emulate MOVSQ
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-08-10 23:49:09 +00:00
dependabot[bot]
fee769bed4 build: Bump libc from 0.2.153 to 0.2.155
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.153 to 0.2.155.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.153...0.2.155)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-10 00:43:15 +00:00
dependabot[bot]
6b2c2c938a build: Bump indexmap from 2.2.6 to 2.3.0 in /fuzz
Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.2.6 to 2.3.0.
- [Changelog](https://github.com/indexmap-rs/indexmap/blob/master/RELEASES.md)
- [Commits](https://github.com/indexmap-rs/indexmap/compare/2.2.6...2.3.0)

---
updated-dependencies:
- dependency-name: indexmap
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-10 00:20:55 +00:00
Muminul Islam
1e967697c2 vmm: pass AccessPlatform implementation for SEV-SNP guest
Passing AccessPlatform trait to virtio-device for requesting
restricting page access during IO for SEV-SNP guest.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-08-09 17:40:13 +00:00
Muminul Islam
959ea7115f vmm: implement AccessPlatform for SEV-SNP proxy struct
Implement AccessPlatform for SEV-SNP guest to access
restricted page using IO. VMM calls MSHV api to get access
of the pages, MSHV requests guest to release the access.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-08-09 17:40:13 +00:00
Muminul Islam
398e9338a7 vmm: add a proxy struct for SEV-SNP guest
Add a structure to hold the reference of the Vm trait
from Hypervisor crate to access of restricted page
from SEV-SNP guest.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-08-09 17:40:13 +00:00
Muminul Islam
5c4b5c0e40 hypervisor: mshv: add definition to get access pages
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-08-09 17:40:13 +00:00
dependabot[bot]
f9bd2aaf9f build: Bump errno from 0.3.8 to 0.3.9
Bumps [errno](https://github.com/lambda-fairy/rust-errno) from 0.3.8 to 0.3.9.
- [Changelog](https://github.com/lambda-fairy/rust-errno/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lambda-fairy/rust-errno/commits)

---
updated-dependencies:
- dependency-name: errno
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-09 07:38:12 +00:00
dependabot[bot]
f126288159 build: Bump anstyle-wincon from 3.0.3 to 3.0.4 in /fuzz
Bumps [anstyle-wincon](https://github.com/rust-cli/anstyle) from 3.0.3 to 3.0.4.
- [Commits](https://github.com/rust-cli/anstyle/compare/anstyle-wincon-v3.0.3...anstyle-wincon-v3.0.4)

---
updated-dependencies:
- dependency-name: anstyle-wincon
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-09 00:05:18 +00:00
dependabot[bot]
9f9a4e657f build: Bump async-channel from 2.2.0 to 2.3.0
Bumps [async-channel](https://github.com/smol-rs/async-channel) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/smol-rs/async-channel/releases)
- [Changelog](https://github.com/smol-rs/async-channel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/smol-rs/async-channel/compare/v2.2.0...v2.3.0)

---
updated-dependencies:
- dependency-name: async-channel
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-08 00:44:32 +00:00
dependabot[bot]
3097d78c6e build: Bump jobserver from 0.1.31 to 0.1.32 in /fuzz
Bumps [jobserver](https://github.com/rust-lang/jobserver-rs) from 0.1.31 to 0.1.32.
- [Commits](https://github.com/rust-lang/jobserver-rs/compare/0.1.31...0.1.32)

---
updated-dependencies:
- dependency-name: jobserver
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-08 00:34:17 +00:00
dependabot[bot]
7c2a252c02 build: Bump toml_datetime from 0.6.6 to 0.6.8 in /fuzz
Bumps [toml_datetime](https://github.com/toml-rs/toml) from 0.6.6 to 0.6.8.
- [Commits](https://github.com/toml-rs/toml/compare/toml_datetime-v0.6.6...toml_datetime-v0.6.8)

---
updated-dependencies:
- dependency-name: toml_datetime
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-07 00:06:19 +00:00
dependabot[bot]
a87b25a962 build: Bump bumpalo from 3.15.4 to 3.16.0
Bumps [bumpalo](https://github.com/fitzgen/bumpalo) from 3.15.4 to 3.16.0.
- [Changelog](https://github.com/fitzgen/bumpalo/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fitzgen/bumpalo/compare/3.15.4...3.16.0)

---
updated-dependencies:
- dependency-name: bumpalo
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-06 23:55:41 +00:00
Wei Liu
24ed063dbe github: add build and clippy tests for pvmemcontrol
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-08-06 18:39:30 +00:00
dependabot[bot]
fbac81843f build: Bump clap from 4.5.9 to 4.5.13 in /fuzz
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.9 to 4.5.13.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.9...v4.5.13)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-06 08:08:06 +00:00
dependabot[bot]
610a2234dc build: Bump ppv-lite86 from 0.2.17 to 0.2.20
Bumps [ppv-lite86](https://github.com/cryptocorrosion/cryptocorrosion) from 0.2.17 to 0.2.20.
- [Commits](https://github.com/cryptocorrosion/cryptocorrosion/commits)

---
updated-dependencies:
- dependency-name: ppv-lite86
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-05 23:49:43 +00:00
Yuanchu Xie
5f18ac3bc0 devices: Add pvmemcontrol device
Pvmemcontrol provides a way for the guest to control its physical memory
properties, and enables optimizations and security features. For
example, the guest can provide information to the host where parts of a
hugepage may be unbacked, or sensitive data may not be swapped out, etc.

Pvmemcontrol allows guests to manipulate its gPTE entries in the SLAT,
and also some other properties of the memory map the back's host memory.
This is achieved by using the KVM_CAP_SYNC_MMU capability. When this
capability is available, the changes in the backing of the memory region
on the host are automatically reflected into the guest. For example, an
mmap() or madvise() that affects the region will be made visible
immediately.

There are two components of the implementation: the guest Linux driver
and Virtual Machine Monitor (VMM) device. A guest-allocated shared
buffer is negotiated per-cpu through a few PCI MMIO registers, the VMM
device assigns a unique command for each per-cpu buffer. The guest
writes its pvmemcontrol request in the per-cpu buffer, then writes the
corresponding command into the command register, calling into the VMM
device to perform the pvmemcontrol request.

The synchronous per-cpu shared buffer approach avoids the kick and busy
waiting that the guest would have to do with virtio virtqueue transport.

The Cloud Hypervisor component can be enabled with --pvmemcontrol.

Co-developed-by: Stanko Novakovic <stanko@google.com>
Co-developed-by: Pasha Tatashin <tatashin@google.com>
Signed-off-by: Yuanchu Xie <yuanchu@google.com>
2024-08-05 22:41:56 +00:00