2815 Commits

Author SHA1 Message Date
Praveen Paladugu
71c435ce91 hypervisor, vmm: Introduce VmmOps trait
Run loop in hypervisor needs a callback mechanism to access resources
like guest memory, mmio, pio etc.

VmmOps trait is introduced here, which is implemented by vmm module.
While handling vcpuexits in run loop, this trait allows hypervisor
module access to the above mentioned resources via callbacks.

Signed-off-by: Praveen Paladugu <prapal@microsoft.com>
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-10-02 16:42:55 +01:00
Rob Bradford
6a9934d933 build: Fix vm-memory bump build error
A new version of vm-memory was released upstream which resulted in some
components pulling in that new version. Update the version number used
to point to the latest version but continue to use our patched version
due to the fix for #1258

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-10-02 16:38:02 +01:00
Rob Bradford
2d457ab974 vmm: device_manager: Make PMEM "discard_writes" mode true CoW
The PMEM support has an option called "discard_writes" which when true
will prevent changes to the device from hitting the backing file. This
is trying to be the equivalent of "readonly" support of the block
device.

Previously the memory of the device was marked as KVM_READONLY. This
resulted in a trap when the guest attempted to write to it resulting a
VM exit (and recently a warning). This has a very detrimental effect on
the performance so instead make "discard_writes" truly CoW by mapping
the memory as `PROT_READ | PROT_WRITE` and using `MAP_PRIVATE` to
establish the CoW mapping.

Fixes: #1795

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-10-02 14:26:15 +02:00
Daniel Verkamp
6eeab85db0 qcow: avoid out-of-bounds access in alloc_refblocks
When all refblocks are consumed, the loop looking for the first free
cluster would access the element at refcounts[refcounts.len()], which is
out of bounds.  Modify the free cluster search loop to check that the
index is in bounds before accessing it.

Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>

(cherry picked from crosvm commit f21572c7187c8beb9c6bfea6446351ae93200d01)

Fixes: #1792

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-10-02 09:43:09 +02:00
Hui Zhu
c75f8b2f89 virtio-balloon: Add memory_actual_size to vm.info to show memory actual size
The virtio-balloon change the memory size is asynchronous.
VirtioBalloonConfig.actual of balloon device show current balloon size.

This commit add memory_actual_size to vm.info to show memory actual size.

Signed-off-by: Hui Zhu <teawater@antfin.com>
2020-10-01 17:46:30 +02:00
Sebastien Boeuf
9dffc5da5c devices: ioapic: Always retrieve destination field on 8 bits
When the destination mode is physical, the destination field should
only be defined through bits 56-59, as defined in the IOAPIC spec. But
from the APIC specification, the APIC ID is always defined on 8 bits no
matter which destination mode is selected. That's why we always retrieve
the destination field based on bits 56-63.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-10-01 14:35:38 +01:00
dependabot-preview[bot]
a8c2d70869 build(deps): bump pin-project from 0.4.24 to 0.4.25
Bumps [pin-project](https://github.com/taiki-e/pin-project) from 0.4.24 to 0.4.25.
- [Release notes](https://github.com/taiki-e/pin-project/releases)
- [Changelog](https://github.com/taiki-e/pin-project/blob/master/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/pin-project/compare/v0.4.24...v0.4.25)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-01 11:15:43 +00:00
Bo Chen
a070f44a51 build: github: Add a new action to build cargo fuzz
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-10-01 11:16:35 +01:00
Bo Chen
dda1df0a58 fuzz: Fix the building errors with recent changes
This patch adds two required dependencies to fuzz/Cargo.toml, and fixes
the building error on the 'block' fuzzer.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-10-01 11:16:35 +01:00
Rob Bradford
2c2e7016c7 main: Improve documentation for --kernel
Fixes: #1712

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-10-01 10:08:25 +01:00
Sebastien Boeuf
532b3063be ci: No need to build Docker image locally for arm64
Now that Docker images are automatically generated for both amd64 and
arm64 architectures, there's no need to generate the arm64 image locally
on the ARM CI during a CI run. The image should be available from
DockerHub instead.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-10-01 10:04:32 +01:00
dependabot-preview[bot]
91314e7b6c build(deps): bump serde_json from 1.0.57 to 1.0.58
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.57 to 1.0.58.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.57...v1.0.58)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-01 08:07:53 +00:00
dependabot-preview[bot]
8851b48ce6 build(deps): bump proc-macro2 from 1.0.23 to 1.0.24
Bumps [proc-macro2](https://github.com/alexcrichton/proc-macro2) from 1.0.23 to 1.0.24.
- [Release notes](https://github.com/alexcrichton/proc-macro2/releases)
- [Commits](https://github.com/alexcrichton/proc-macro2/compare/1.0.23...1.0.24)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-01 05:40:28 +00:00
dependabot-preview[bot]
76c3230e08 build(deps): bump libc from 0.2.77 to 0.2.78
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.77 to 0.2.78.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.77...0.2.78)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-01 05:40:02 +00:00
Rob Bradford
664c3ceda6 vmm: device_manager: Warn that vhost-user self spawning is deprecated
See #1724 for details.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-30 18:32:50 +02:00
Rob Bradford
0a4be7ddf5 vmm: "Cleanly" shutdown on SIGTERM
Write to the exit_evt EventFD which will trigger all the devices and
vCPUs to exit. This is slightly cleaner than just exiting the process as
any temporary files will be removed.

Fixes: #1242

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-30 18:32:16 +02:00
Sebastien Boeuf
8a11ef5ba6 ci: Move back to latest virtiofsd version
This commit moves back to the branch "virtio-fs-dev" from virtiofsd, as
we figured the changes needed to use this branch and the requirements
from the new meson build from QEMU.

It updates the container version to ensure the dev_cli.sh script will
rely on the latest container which contains the needed packages.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-30 13:10:23 +01:00
Sebastien Boeuf
1e5d35d13a resources: Finalize automated generation of the Docker image
By fixing the Dockerfile, we have now finalized the automated generation
of the Docker images for both architectures (amd64 and arm64).

Fixes #953

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-30 10:03:06 +01:00
Rob Bradford
df26b428b1 arch: x86_64: Copy CPU identification string into guest cpuid
This is stored in leaves 0x80000002 to 0x80000004 inclusive.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-30 08:18:08 +01:00
Bo Chen
6d30fe05e4 vmm: openapi: Add the 'iommu' and 'id' option to 'VmAddDevice'
This patch adds the missing the `iommu` and `id` option for
`VmAddDevice` in the openApi yaml to respect the internal data structure
in the code base. Also, setting the `id` explicitly for VFIO device
hotplug is required for VFIO device unplug through openAPI calls.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-30 08:17:44 +01:00
dependabot-preview[bot]
af0c4c1659 build(deps): bump backtrace from 0.3.50 to 0.3.51
Bumps [backtrace](https://github.com/rust-lang/backtrace-rs) from 0.3.50 to 0.3.51.
- [Release notes](https://github.com/rust-lang/backtrace-rs/releases)
- [Commits](https://github.com/rust-lang/backtrace-rs/compare/0.3.50...0.3.51)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-29 20:25:50 +00:00
Julio Montes
668c563dac vmm: openapi: fix integers format
According to openAPI specification [1], the format for `integer` types
can be only `int32` or `int64`, unsigned and 8-bits integers are not
supported.
This patch replaces `uint64` with `int64`, `uint32` with `int32` and
`uint8` with `int32`.

[1]: https://swagger.io/specification/#data-types

Signed-off-by: Julio Montes <julio.montes@intel.com>
2020-09-29 12:55:40 -07:00
Rob Bradford
5a0d3277c8 vmm: vm: Replace \n newline character with \r
This allows the CMD prompt under SAC to be used without affecting getty
on Linux.

Fixes: #1770

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-29 16:10:12 +02:00
Wei Liu
4ef97d8ddb vmm: interrupts: clearly separate MsiInterruptGroup and InterruptRoute
MsiInterruptGroup doesn't need to know the internal field names of
InterruptRoute. Introduce two helper functions to eliminate references
to irq_fd. This is done similarly to the enable and disable helper
functions.

Also drop the pub keyword from InterruptRoute fields. It is not needed
anymore.

No functional change.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2020-09-29 13:51:35 +02:00
Sebastien Boeuf
db5d42ad41 resources: Fix Dockerfile to support multi-architecture
In order to support both amd64 and arm64, we rely on the TARGETARCH
variable that is passed from the docker buildx command, based on the
platform used to build the container image.

There is no way to rely directly on $(uname -m) to assign a variable
with the correct x86_64 or aarch64 values we're looking for. Both ENV
and ARG don't evaluate the command, which means they see it as a simple
string. Using RUN is the only way to evaluate a command.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-29 09:29:36 +02:00
dependabot-preview[bot]
315cd5a054 build(deps): bump pin-project from 0.4.23 to 0.4.24
Bumps [pin-project](https://github.com/taiki-e/pin-project) from 0.4.23 to 0.4.24.
- [Release notes](https://github.com/taiki-e/pin-project/releases)
- [Changelog](https://github.com/taiki-e/pin-project/blob/master/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/pin-project/compare/v0.4.23...v0.4.24)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-28 14:34:47 +00:00
Sebastien Boeuf
77e9fcdebd resources: Update Dockerfile to install missing Python packages
In order to build virtiofsd from the latest build system, the Python
package python3-setuptools is required.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-28 09:28:37 +02:00
Sebastien Boeuf
3534b6932a github: Add a new action to update the Docker image
The idea is to rely on this new Github Action to detect when the
Dockerfile is updated after a push to the master branch on the
repository.

Once triggered, this action builds the Docker image for both
linux/amd64 and linux/arm64 platforms, and updates it directly
on Docker Hub.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-28 08:25:11 +02:00
dependabot-preview[bot]
34dd3b83af build(deps): bump syn from 1.0.41 to 1.0.42
Bumps [syn](https://github.com/dtolnay/syn) from 1.0.41 to 1.0.42.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/1.0.41...1.0.42)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-28 05:20:09 +00:00
dependabot-preview[bot]
e105611eb6 build(deps): bump proc-macro2 from 1.0.21 to 1.0.23
Bumps [proc-macro2](https://github.com/alexcrichton/proc-macro2) from 1.0.21 to 1.0.23.
- [Release notes](https://github.com/alexcrichton/proc-macro2/releases)
- [Commits](https://github.com/alexcrichton/proc-macro2/compare/1.0.21...1.0.23)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-28 05:19:46 +00:00
Praveen Paladugu
f10872e706 vmm: fix clippy warnings
Signed-off-by: Praveen Paladugu <prapal@microsoft.com>
2020-09-26 14:07:12 +01:00
Praveen Paladugu
4b32252028 hypervisor, vmm: fix clippy warnings
Signed-off-by: Praveen Paladugu <prapal@microsoft.com>
2020-09-26 14:07:12 +01:00
Praveen Paladugu
6ebeaa9246 option_parser: fix clippy warnings
Signed-off-by: Praveen Paladugu <prapal@microsoft.com>
2020-09-26 14:07:12 +01:00
Julio Montes
c54452c08a vmm: openapi: fix integers format
According to openAPI specification[1], the format for `integer` types
can be only `int32` or `int64`, unsigned integers are not supported.
This patch replaces `uint64` with `int64`.

[1]: https://swagger.io/specification/#data-types

Signed-off-by: Julio Montes <julio.montes@intel.com>
2020-09-26 14:05:51 +01:00
Rob Bradford
f762bc7573 arch: x86_64: Create MP table after SMBIOS table if space
In order to speed up the Linux boot (so as to avoid it having to scan a
large number of pages) place the MP table directly after the SMBIOS
table if there is sufficient room. The start address of the SMBIOS table
is one of the three (and the largest) location that the MP table can
also be located at.

Before:
[    0.000399] x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WP  UC- WT
[    0.014945] check: Scanning 1 areas for low memory corruption

After:
[    0.000284] x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WP  UC- WT
[    0.000421] found SMP MP-table at [mem 0x000f0090-0x000f009f]

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-25 19:41:24 +02:00
Wei Liu
7e130a65ba vmm: interrupts: adjust set_gsi_routes
There is no point in manually dropping the lock for gsi_msi_routes then
instantly grabbing it again in set_gsi_routes.

Make set_gsi_routes take a reference to the routing hashmap instead.

No functional change intended.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2020-09-25 17:17:35 +02:00
Hui Zhu
4913acc05e vmm: Add 'balloon' to memory parameters
Add the option 'balloon' to --memory.

Signed-off-by: Hui Zhu <teawater@antfin.com>
2020-09-25 17:13:39 +02:00
Sebastien Boeuf
c85e396ce5 vmm: cpu: x86: Enable MTRR feature in CPUID
The MTRR feature was missing from the CPUID, which is causing the guest
to ignore the MTRR settings exposed through dedicated MSRs.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-25 15:03:52 +02:00
Rob Bradford
f4ec915c5d resources: Remove unused PPS features from kernel config
In particular this removes the annoying PPS messages that fill up the
dmesg log.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-25 14:07:41 +02:00
Sebastien Boeuf
ae44e9c076 resources: Reduce x86_64 kernel configuration to fix warnings
Removing the ISA DMA configurations prevents the kernel from accessing
the port I/O 0x87, which was generating the following warning:

WARN:vmm/src/cpu.rs:378 -- Guest PIO read to unregistered address 0x87

Removing the TELCLOCK configuration prevents the kernel from accessing
the port I/O reserved for the memory manager, which was causing the
following warning:

WARN:vmm/src/memory_manager.rs:289 -- Unexpected offset for accessing
memory manager device: 15

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-25 10:22:28 +01:00
Rob Bradford
29b74804e1 main: Improve the error reporting when creating the hypervisor object
The ::new() does very little beyond trying to open the /dev/kvm device
so provide a hint to the user about what has gone wrong.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-25 11:08:01 +02:00
Bo Chen
1d3c3bc6ec tests: Capture child process stdout/err in 'test_memory_mergeable'
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-25 08:40:23 +02:00
Bo Chen
2441798fe4 tests: Resize the pipe size to 256K for capturing child stdout/err
As discussed in #1707, the `vcpu` thread can be stalled when using
`--serial tty`. To workaround that issue, this patch enforces to resize
the pipe size to 256K when we capture the stdout/stderr of the
cloud-hypervisor child process in the integration tests. Note that the
pipe size (256K) is chosen based on the output size of our integration
tests at this point, which may need to be increased in the future.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-25 08:40:23 +02:00
Bo Chen
365b947023 tests: Port test_simple_launch to the new methodology
This is the last test to be ported to the new methodology.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-25 08:40:23 +02:00
Bo Chen
cb2f11724a tests: Port test_reboot to the new methodology
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-25 08:40:23 +02:00
Hui Zhu
d03a48162f balloon.rs: BalloonEpollHandler: Fix wrong error in handle_event
error!("Unknown event for virtio-mem");
This error should be
error!("Unknown event for virtio-balloon");

Signed-off-by: Hui Zhu <teawater@antfin.com>
2020-09-25 08:36:23 +02:00
Sebastien Boeuf
de88bef429 pci: msix: Fix masking/enabling semantics
By looking at Linux kernel boot time, we identified that a lot of time
was spent registering and unregistering IRQ fds to KVM. This is not
efficient and certainly not a wrong behavior from the Linux kernel,
but rather a problem with the Cloud-Hypervisor's implementation of
MSI-X.

The way to fix this issue is by ensuring the initial conditions are
correct, which means the entire MSI-X vector table must be disabled
and masked. Additionally, each vector must be individually masked.

With these correct conditions, Linux won't start masking interrupt
vectors, and later unmask them since they will be seen as masked from
the beginning. This means the OS will simply have to unmask them when
needed, avoiding the extra operation.

Another aspect of this patch is to prevent Cloud-Hypervisor from
enabling (by registering IRQ fd) all vectors when either the global
'mask' or 'enable' bits are set. Instead, we can simply let the mask()
and unmask() operations take care of it if needed.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-24 22:29:16 +02:00
Sebastien Boeuf
64351c1f3f build: Update Cargo.lock
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-23 19:03:19 +02:00
Sebastien Boeuf
2eaf1c70c0 vmm: acpi: Advertise the correct PCI bus range
Since Cloud-Hypervisor currently support one single PCI bus, we must
reflect this through the MCFG table, as it advertises the first bus and
the last bus available. In this case both are bus 0.

This patch saves quite some time during guest kernel boot, as it
prevents from checking each bus for available devices.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-23 19:03:19 +02:00
Sebastien Boeuf
ec56710c9b devices: ioapic: Mask entries by default
When created, the IOAPIC entries should be masked, as it is the guest's
responsibility (FW and/or OS) to unmask them if/when necessary.

This patch saves a full round of port I/O writes from the guest to the
IOAPIC, meant for masking the unmasked entries.

Because they're now masked, the entries are not enabled, which means
they are not connected from a KVM perspective, saving from unneeded
registration/unregistration of the irq fds.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-23 19:03:19 +02:00