4283 Commits

Author SHA1 Message Date
Rob Bradford
e0c0d0e142 vmm: config: Validate network configuration
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-04-13 14:29:18 +02:00
Alyssa Ross
37a2c13a90 docs: use relative links between cloud-hypervisor docs
This way, the links can be navigated locally, not just on GitHub.

Signed-off-by: Alyssa Ross <hi@alyssa.is>
2021-04-13 10:57:44 +01:00
Jianyong Wu
740994542a Update memory layout to accommodate uefi on arm64.
For now, memory layout on arm64 is sparse and is conflict with uefi.
Here, we do some rearrangement to let it compact and compatible with
uefi support.

Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
2021-04-13 09:00:36 +02:00
Bo Chen
99694cf5c1 tests: Simplify 'test_memory_mergeable'
We now reply on the value from '/sys/kernel/mm/ksm/shared_pages' to
validate our "--memory mergeable=on|off" option. For `mergeable=on`,
we are expecting to see more 'shared_pages' reported by the kernel when
we start more VMs with this option. For `mergeable=off`, we are
expecting the 'shared_pages' value to be always 0, as we are assuming
the rest of the system (in our CI) is not using mergeable memory.

Fixes: #2138

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-04-13 09:00:00 +02:00
Rob Bradford
17072e9a6f vmm: seccomp: Add missing SYS_newfstatat
This is used when running on a new libc like Fedora34.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-04-12 18:02:29 +02:00
Anatol Belski
e1cc702327 memory_manager: Fix address range calculation in MemorySlot
The MCRS method returns a 64-bit memory range descriptor. The
calculation is supposed to be done as follows:

max = min + len - 1

However, every operand is represented not as a QWORD but as combination
of two DWORDs for high and low part. Till now, the calculation was done
this way, please see also inline comments:

max.lo = min.lo + len.lo //this may overflow, need to carry over to high
max.hi = min.hi + len.hi
max.hi = max.hi - 1 // subtraction needs to happen on the low part

This calculation has been corrected the following way:

max.lo = min.lo + len.lo
max.hi = min.hi + len.hi + (max.lo < min.lo) // check for overflow
max.lo = max.lo - 1 // subtract from low part

The relevant part from the generated ASL for the MCRS method:
```
Method (MCRS, 1, Serialized)
{
    Acquire (MLCK, 0xFFFF)
    \_SB.MHPC.MSEL = Arg0
    Name (MR64, ResourceTemplate ()
    {
	QWordMemory (ResourceProducer, PosDecode, MinFixed, MaxFixed, Cacheable, ReadWrite,
	    0x0000000000000000, // Granularity
	    0x0000000000000000, // Range Minimum
	    0xFFFFFFFFFFFFFFFE, // Range Maximum
	    0x0000000000000000, // Translation Offset
	    0xFFFFFFFFFFFFFFFF, // Length
	    ,, _Y00, AddressRangeMemory, TypeStatic)
    })
    CreateQWordField (MR64, \_SB.MHPC.MCRS._Y00._MIN, MINL)  // _MIN: Minimum Base Address
    CreateDWordField (MR64, 0x12, MINH)
    CreateQWordField (MR64, \_SB.MHPC.MCRS._Y00._MAX, MAXL)  // _MAX: Maximum Base Address
    CreateDWordField (MR64, 0x1A, MAXH)
    CreateQWordField (MR64, \_SB.MHPC.MCRS._Y00._LEN, LENL)  // _LEN: Length
    CreateDWordField (MR64, 0x2A, LENH)
    MINL = \_SB.MHPC.MHBL
    MINH = \_SB.MHPC.MHBH
    LENL = \_SB.MHPC.MHLL
    LENH = \_SB.MHPC.MHLH
    MAXL = (MINL + LENL) /* \_SB_.MHPC.MCRS.LENL */
    MAXH = (MINH + LENH) /* \_SB_.MHPC.MCRS.LENH */
    If ((MAXL < MINL))
    {
	MAXH += One /* \_SB_.MHPC.MCRS.MAXH */
    }

    MAXL -= One
    Release (MLCK)
    Return (MR64) /* \_SB_.MHPC.MCRS.MR64 */
}
```

Fixes #1800.

Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
2021-04-12 16:20:19 +02:00
Rob Bradford
37e2784299 docs: Update README to include details of new GitHub advisory process
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-04-08 16:18:27 +01:00
Rob Bradford
6f5d4702d4 misc: Simplify snapshot/restore by using helper functions
Simplify snapshot & restore code by using generics to specify helper
functions that take / make a Serialize / Deserialize struct

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-04-08 16:17:14 +01:00
dependabot-preview[bot]
4e4c5fb6aa build(deps): bump syn from 1.0.68 to 1.0.69 in /fuzz
Bumps [syn](https://github.com/dtolnay/syn) from 1.0.68 to 1.0.69.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/1.0.68...1.0.69)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-08 08:44:20 +00:00
dependabot-preview[bot]
1939dbbf0b build(deps): bump syn from 1.0.68 to 1.0.69
Bumps [syn](https://github.com/dtolnay/syn) from 1.0.68 to 1.0.69.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/1.0.68...1.0.69)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-08 06:47:18 +00:00
Sebastien Boeuf
7e2c4b63c2 ci: Update SGX test to rely on vmlinux
Since using bzImage is now deprecated, let's update the SGX integration
test to rely on vmlinux instead.

Fixes #2476

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2021-04-07 17:40:10 +02:00
Rob Bradford
2d2623238d main: Move logging setup to start_vmm()
This allows the return of errors which will be printed using the
existing code and removes panic()s

Fixes: #2342

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-04-07 16:29:20 +01:00
Rob Bradford
af02262b4b main: Move event monitor handling to start_vmm()
This allows the return of errors which will be printed using the
existing code and removes panic()s

Fixes: #2342

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-04-07 16:29:20 +01:00
Anatol Belski
3f5ecbd326 tests: Extend Windows guest CPU hotplug test and update doc
Both changes aim to document the absence of the CPU hot-remove
functionality on Windows.

Closes #2457.

Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
2021-04-07 14:44:29 +01:00
Sebastien Boeuf
e5211a6e1d ci: Update Ubuntu Focal custom image
Update the Ubuntu Focal image used as the guest image. It's based on the
latest Focal image released on April 1st 2021, and customized to include
all the utilities we need. As usual, snapd and pollinate services have
been removed.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2021-04-07 10:26:15 +01:00
dependabot-preview[bot]
7a6cca35e3 build(deps): bump libc from 0.2.92 to 0.2.93 in /fuzz
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.92 to 0.2.93.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.92...0.2.93)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-07 07:32:11 +00:00
dependabot-preview[bot]
23411d45ba build(deps): bump libc from 0.2.92 to 0.2.93
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.92 to 0.2.93.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.92...0.2.93)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-06 17:03:25 +00:00
Rob Bradford
9a8a34a8a9 tests: Only use bzImage in integration tests that require it
i.e. test_bzimage_boot and test_bzimage_reboot

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-04-06 13:30:59 +02:00
Rob Bradford
5c7164e55f docs: Update documentation to not use bzImage
This functionality is deprecated.

See: #2231

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-04-06 13:30:59 +02:00
dependabot-preview[bot]
9dbea4fe9c build(deps): bump vhost from 88aafc0 to 0e9fed2
Bumps [vhost](https://github.com/rust-vmm/vhost) from `88aafc0` to `0e9fed2`.
- [Release notes](https://github.com/rust-vmm/vhost/releases)
- [Commits](88aafc03a8...0e9fed2d75)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-06 06:55:29 +00:00
dependabot-preview[bot]
20c9a67f9d build(deps): bump mshv-bindings from 1c2ae9a to 936e2e3
Bumps [mshv-bindings](https://github.com/cloud-hypervisor/mshv) from `1c2ae9a` to `936e2e3`.
- [Release notes](https://github.com/cloud-hypervisor/mshv/releases)
- [Commits](1c2ae9a3bc...936e2e34af)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-06 06:55:17 +00:00
dependabot-preview[bot]
fd4ad1e124 build(deps): bump seccomp from v0.22.0 to v0.24.2 in /fuzz
Bumps [seccomp](https://github.com/firecracker-microvm/firecracker) from v0.22.0 to v0.24.2.
- [Release notes](https://github.com/firecracker-microvm/firecracker/releases)
- [Changelog](5ba819d7b7/CHANGELOG.md)
- [Commits](cc5387637c...5ba819d7b7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-05 21:11:49 +00:00
dependabot-preview[bot]
d052b9ec12 build(deps): bump seccomp from v0.22.0 to v0.24.2
Bumps [seccomp](https://github.com/firecracker-microvm/firecracker) from v0.22.0 to v0.24.2.
- [Release notes](https://github.com/firecracker-microvm/firecracker/releases)
- [Changelog](5ba819d7b7/CHANGELOG.md)
- [Commits](cc5387637c...5ba819d7b7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-05 21:34:34 +01:00
dependabot-preview[bot]
cbf6ee8b8d build(deps): bump syn from 1.0.67 to 1.0.68 in /fuzz
Bumps [syn](https://github.com/dtolnay/syn) from 1.0.67 to 1.0.68.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/1.0.67...1.0.68)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-05 10:44:06 +00:00
dependabot-preview[bot]
a12ec27c33 build(deps): bump signal-hook from 0.3.7 to 0.3.8 in /fuzz
Bumps [signal-hook](https://github.com/vorner/signal-hook) from 0.3.7 to 0.3.8.
- [Release notes](https://github.com/vorner/signal-hook/releases)
- [Changelog](https://github.com/vorner/signal-hook/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vorner/signal-hook/commits/v0.3.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-05 09:43:59 +00:00
dependabot-preview[bot]
776ce52b9f build(deps): bump syn from 1.0.67 to 1.0.68
Bumps [syn](https://github.com/dtolnay/syn) from 1.0.67 to 1.0.68.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/1.0.67...1.0.68)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-05 09:42:04 +00:00
dependabot-preview[bot]
78f9d2cc85 build(deps): bump signal-hook from 0.3.7 to 0.3.8
Bumps [signal-hook](https://github.com/vorner/signal-hook) from 0.3.7 to 0.3.8.
- [Release notes](https://github.com/vorner/signal-hook/releases)
- [Changelog](https://github.com/vorner/signal-hook/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vorner/signal-hook/commits/v0.3.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-04 08:15:46 +00:00
dependabot-preview[bot]
a9a475c058 build(deps): bump proc-macro2 from 1.0.24 to 1.0.26 in /fuzz
Bumps [proc-macro2](https://github.com/alexcrichton/proc-macro2) from 1.0.24 to 1.0.26.
- [Release notes](https://github.com/alexcrichton/proc-macro2/releases)
- [Commits](https://github.com/alexcrichton/proc-macro2/compare/1.0.24...1.0.26)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-02 13:38:59 +00:00
dependabot-preview[bot]
4ad8a22392 build(deps): bump proc-macro2 from 1.0.24 to 1.0.26
Bumps [proc-macro2](https://github.com/alexcrichton/proc-macro2) from 1.0.24 to 1.0.26.
- [Release notes](https://github.com/alexcrichton/proc-macro2/releases)
- [Commits](https://github.com/alexcrichton/proc-macro2/compare/1.0.24...1.0.26)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-02 13:38:51 +00:00
Anatol Belski
1bb0e54e92 tests: Add test for CPU hotplug for Windows guest
Also, add a note on hotplug support to windows.md.

Closes #2438.

Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
2021-04-01 16:07:50 +01:00
Sebastien Boeuf
46f96f27a4 vmm: Add missing syscall for vCPU unplug
clock_nanosleep() is triggered when hot-unplugging a vCPU.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2021-03-31 10:51:52 +01:00
dependabot-preview[bot]
d2bc7bb4c6 build(deps): bump libc from 0.2.91 to 0.2.92 in /fuzz
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.91 to 0.2.92.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.91...0.2.92)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-03-31 07:59:11 +00:00
Bo Chen
32ad4982dd virtio-devices: Add rate limiter for the RX queue of virtio-net
Fixes: #1286

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-03-30 19:47:43 +02:00
Bo Chen
5d8de62362 vmm: openapi: Add rate_limiter_config to the NetConfig
Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-03-30 19:47:43 +02:00
Bo Chen
b176ddfe2a virtio-devices, vmm: Add rate limiter for the TX queue of virtio-net
Partially fixes: #1286

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-03-30 19:47:43 +02:00
Bo Chen
bfa37f89c4 virtio-devices: net: Refactor 'handle_tx_event'
This patch moves out the actual processing on the TX queue from the
`handle_tx_event()` function into a separate function,
e.g. `process_tx()`. This allows us to resume the TX queue processing
without reading from the TX queue EventFd, which is needed for rate
limiting support.

No functional change.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-03-30 19:47:43 +02:00
Bo Chen
ee871278ee virtio-devices: Move the 'rate_limiter' module to its own crate
To support I/O throttling on virt-net devices, we need to use the
'rate_limiter' module from the 'net_utils' crate. Given the
'virtio-devices' crate has dependency on the 'net_utils', we will need
to move the 'rate_limiter' module out of the 'virtio-devices' crate to
avoid circular dependency issue. Considering the 'rate_limiter' is not
virtio specific and could be reused for non virtio devices, we move it
to its own crate.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-03-30 19:47:43 +02:00
dependabot-preview[bot]
b8311cac38 build(deps): bump libc from 0.2.91 to 0.2.92
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.91 to 0.2.92.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.91...0.2.92)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-03-30 12:09:56 +00:00
dependabot-preview[bot]
28a4e43731 build(deps): bump vhost from 05cd8b2 to 88aafc0
Bumps [vhost](https://github.com/rust-vmm/vhost) from `05cd8b2` to `88aafc0`.
- [Release notes](https://github.com/rust-vmm/vhost/releases)
- [Commits](05cd8b2ad3...88aafc03a8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-03-30 06:52:42 +00:00
Rob Bradford
1eb4ebe3d1 vm-virtio: queue: Fix descriptor chain validation
DescriptorChain::is_valid() wrongly used .checked_offset() to attempt to
validate that the descriptor's data is in valid memory. This works in
all cases except where the guest has placed the data at the very end of
the guest memory as the offset + offset will be outside the range (as
the combined offset will be the next byte and as such out of the guest
memory). Instead use the function .check_range() takes an offset and a
length to validate

This fixes issues see with error messages featuring the
DescriptorChainTooShort error.

Fixes: #2424

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-03-29 16:37:27 +01:00
Sebastien Boeuf
73e8fd4d72 clippy: Fix codebase to compile with beta toolchain
Fixes the current codebase so that every cargo clippy can be run with
the beta toolchain without any error.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2021-03-29 15:56:23 +01:00
Rob Bradford
943377e6a3 build: Add quality (clippy & rustfmt) using beta toolchain
This will give us advanced notice of upcoming changes.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-03-29 15:56:23 +01:00
Anatol Belski
9e9aba7c0b CpuManager: Fix MMIO read handling
There are two parts:

- Unconditionally zero the output area. The length of the incoming
  vector has been seen from 1 to 4 bytes, even though just the first
  byte might need to be handled. But also, this ensures any possibly
  unhandled offset will return zeroed result to the caller. The former
  implementation used an I/O port which seems to behave differently from
  MMIO and wouldn't require explicit output zeroing.
- An access with zero offset still takes place and needs to be handled.

Fixes #2437.

Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
2021-03-29 13:51:31 +01:00
Rob Bradford
431c16dc44 vmm: Use definition of MmioDeviceInfo from arch
Remove duplicated copies from vmm.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-03-29 12:06:07 +02:00
dependabot-preview[bot]
e4e2b5d89f build(deps): bump syn from 1.0.64 to 1.0.67 in /fuzz
Bumps [syn](https://github.com/dtolnay/syn) from 1.0.64 to 1.0.67.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/1.0.64...1.0.67)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-03-29 08:27:34 +00:00
Gaelan Steele
21506a4a76 vmm: reorder constructor fields to match struct
Satisfies nightly clippy.

Signed-off-by: Gaelan Steele <gbs@canishe.com>
2021-03-29 09:55:29 +02:00
Gaelan Steele
b161a570ec vmm: use Option::map and Option::cloned
It's more concise, more idiomatic Rust, and satisfies nightly clippy.

Signed-off-by: Gaelan Steele <gbs@canishe.com>
2021-03-29 09:55:29 +02:00
Gaelan Steele
b16fdb1b3a virtio-devices: use Option::map
It's more concise, more idiomatic Rust, and satisfies nightly clippy.

Signed-off-by: Gaelan Steele <gbs@canishe.com>
2021-03-29 09:55:29 +02:00
Gaelan Steele
d72d7fd93c net_util: make constructor fields match struct
Statisfies nightly clippy.

Signed-off-by: Gaelan Steele <gbs@canishe.com>
2021-03-29 09:55:29 +02:00
Gaelan Steele
7a18e247f4 api_client: use Option::map in get_header
It's more idiomatic Rust, and satisfies nightly clippy.

Signed-off-by: Gaelan Steele <gbs@canishe.com>
2021-03-29 09:55:29 +02:00