Praveen K Paladugu
58b902d036
tpm: Add socket module
...
Add SocketDev struct. Methods in SocketDev will be used to read & write
to Ctrl channel created by swtpm.
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Praveen K Paladugu
e3213c8a79
tpm: Add library module
...
Add structures and related methods to process Ctrl requests and responses
from swtpm to tpm library.
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
Co-authored-by: Sean Yoo <t-seanyoo@microsoft.com>
2022-11-15 16:42:21 +00:00
Wei Liu
2e2ce47271
hypervisor: do not get and set MSR_IA32_TSC for MSHV
...
Setting that MSR causes the reference TSC page to be disabled.
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2022-11-15 10:19:57 +00:00
Rob Bradford
d3a8332282
tests: Remove test_reboot
...
There is no need for this test any longer as we have plenty of other
tests that reboot the VM.
Further this test used unmodified bionic image, which not only will be
EOLed soon but also took a long time to shutdown as it still had snapd
installed.
Fixes : #4849
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-15 09:30:16 +00:00
dependabot[bot]
c64004b9a9
build: Bump mshv-ioctls from ac9c92f
to 1a9ca01
...
Bumps [mshv-ioctls](https://github.com/rust-vmm/mshv ) from `ac9c92f` to `1a9ca01`.
- [Release notes](https://github.com/rust-vmm/mshv/releases )
- [Commits](ac9c92f9b3...1a9ca01801
)
---
updated-dependencies:
- dependency-name: mshv-ioctls
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-14 23:45:35 +00:00
Rob Bradford
149e424b6e
virtio-devices: block: Return error to driver on writes if read-only
...
TEST=Boot `--disk readonly=on` along with a guest that tries to write
(unmodified hypervisor-fw) and observe that the virtio device thread no
longer panics.
Fixes : #4888
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-14 15:28:30 +00:00
Wei Liu
b07d471d4f
virtio-devices: show the failed block request to help debugging
...
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2022-11-14 14:19:17 +00:00
Michael Zhao
345e65c9c2
Jenkins: Temporarily turn off AArch64 CI
...
Temporarily turn off AArch64 integration test in Jenkins for server
maintenance.
Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2022-11-14 08:34:47 +00:00
dependabot[bot]
f93aa42319
build: Bump once_cell from 1.15.0 to 1.16.0
...
Bumps [once_cell](https://github.com/matklad/once_cell ) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/matklad/once_cell/releases )
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md )
- [Commits](https://github.com/matklad/once_cell/compare/v1.15.0...v1.16.0 )
---
updated-dependencies:
- dependency-name: once_cell
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 08:30:12 +00:00
dependabot[bot]
fa4bf92feb
build: Bump io-uring from 0.5.8 to 0.5.9 in /fuzz
...
Bumps [io-uring](https://github.com/tokio-rs/io-uring ) from 0.5.8 to 0.5.9.
- [Release notes](https://github.com/tokio-rs/io-uring/releases )
- [Commits](https://github.com/tokio-rs/io-uring/commits )
---
updated-dependencies:
- dependency-name: io-uring
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-12 08:30:01 +00:00
Rob Bradford
f30d460fa3
virtio-devices: seccomp: Move mprotect() to virtio common rules
...
It's perfectly reasonable to expect if that some virtio threads trigger
libc behaviour that needs mprotect() that all virtio threads would do
the same.
Fixes : #4874
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-12 08:29:47 +00:00
Rob Bradford
2c94773bdc
docs: seccomp: Enhance strace command to print thread name
...
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-11 16:47:24 +00:00
dependabot[bot]
9f1d2d34e8
build: Bump darling from 0.14.1 to 0.14.2
...
Bumps [darling](https://github.com/TedDriggs/darling ) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/TedDriggs/darling/releases )
- [Changelog](https://github.com/TedDriggs/darling/blob/master/CHANGELOG.md )
- [Commits](https://github.com/TedDriggs/darling/compare/v0.14.1...v0.14.2 )
---
updated-dependencies:
- dependency-name: darling
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-11 08:15:25 +00:00
Rob Bradford
57508a4b1c
virtio-net: net: Wait for threads to exit on Drop
...
It is required to close all file descriptors pointing to an opened TAP
device prior to reopening the TAP device; otherwise it will return
-EBUSY as the device can only be opened once (excluding MQ use cases.)
When rebooting the VM the virtio-net threads would still be running and
so the TAP file descriptor may not have been closed. To ensure that the
TAP FD is closed wait for all the epoll threads to exit after receiving the
KILL_EVENT.
Fixes : #4868
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-10 07:46:16 -08:00
dependabot[bot]
012f2572d5
build: Bump terminal_size from 0.2.1 to 0.2.2
...
Bumps [terminal_size](https://github.com/eminence/terminal-size ) from 0.2.1 to 0.2.2.
- [Release notes](https://github.com/eminence/terminal-size/releases )
- [Commits](https://github.com/eminence/terminal-size/compare/v0.2.1...v0.2.2 )
---
updated-dependencies:
- dependency-name: terminal_size
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-10 09:39:09 +00:00
dependabot[bot]
b9dbe3a2f7
build: Bump rustix from 0.35.12 to 0.35.13 in /fuzz
...
Bumps [rustix](https://github.com/bytecodealliance/rustix ) from 0.35.12 to 0.35.13.
- [Release notes](https://github.com/bytecodealliance/rustix/releases )
- [Commits](https://github.com/bytecodealliance/rustix/compare/v0.35.12...v0.35.13 )
---
updated-dependencies:
- dependency-name: rustix
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-09 23:43:39 +00:00
Rob Bradford
6230929d51
openapi: Add thp option to MemoryConfig
...
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-09 16:51:21 +00:00
Rob Bradford
04d034a0bc
docs: Update memory.md for THP
...
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-09 16:51:21 +00:00
Rob Bradford
f603afc46e
vmm: Make Transparent Huge Pages controllable (default on)
...
Add MemoryConfig::thp and `--memory thp=on|off` to allow control of
Transparent Huge Pages.
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-09 16:51:21 +00:00
Rob Bradford
b68add2d0d
vmm: Enable THP when using anonymous memory
...
If the memory is not backed by a file then it is possible to enable
Transparent Huge Pages on the memory and take advantage of the benefits
of huge pages without requiring the specific allocation of an appropriate
number of huge pages.
TEST=Boot and see that in /proc/`pidof cloud-hypervisor`/smaps that the
region is now THPeligible (and that also pages are being used.)
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-09 16:51:21 +00:00
dependabot[bot]
0f44db5da4
build: Bump openssl-src from 111.23.0+1.1.1r to 111.24.0+1.1.1s
...
Bumps [openssl-src](https://github.com/alexcrichton/openssl-src-rs ) from 111.23.0+1.1.1r to 111.24.0+1.1.1s.
- [Release notes](https://github.com/alexcrichton/openssl-src-rs/releases )
- [Commits](https://github.com/alexcrichton/openssl-src-rs/commits )
---
updated-dependencies:
- dependency-name: openssl-src
dependency-type: indirect
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-08 23:44:15 +00:00
dependabot[bot]
a7dccf94cf
build: Bump terminal_size from 0.2.1 to 0.2.2 in /fuzz
...
Bumps [terminal_size](https://github.com/eminence/terminal-size ) from 0.2.1 to 0.2.2.
- [Release notes](https://github.com/eminence/terminal-size/releases )
- [Commits](https://github.com/eminence/terminal-size/compare/v0.2.1...v0.2.2 )
---
updated-dependencies:
- dependency-name: terminal_size
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-08 23:36:26 +00:00
Jianyong Wu
0e6e539d9b
AArch64/fdt: fix PMU irqflag calculation
...
Currently, CPU mask involved into PMU irqflag caculation which is used
for Gicv2. It limits the CPU number up to 31. For Gicv3+, CPU mask is no
longer needed. More info see [1].
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
[1] https://lore.kernel.org/all/165668798833.3744902.12084627427900181326.b4-ty@kernel.org/t/
2022-11-08 11:24:11 +00:00
dependabot[bot]
1cb1cff882
build: Bump env_logger from 0.9.1 to 0.9.3
...
Bumps [env_logger](https://github.com/env-logger-rs/env_logger ) from 0.9.1 to 0.9.3.
- [Release notes](https://github.com/env-logger-rs/env_logger/releases )
- [Changelog](https://github.com/env-logger-rs/env_logger/blob/main/CHANGELOG.md )
- [Commits](https://github.com/env-logger-rs/env_logger/compare/v0.9.1...v0.9.3 )
---
updated-dependencies:
- dependency-name: env_logger
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 23:55:26 +00:00
dependabot[bot]
fefbc356a2
build: Bump once_cell from 1.15.0 to 1.16.0 in /fuzz
...
Bumps [once_cell](https://github.com/matklad/once_cell ) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/matklad/once_cell/releases )
- [Changelog](https://github.com/matklad/once_cell/blob/master/CHANGELOG.md )
- [Commits](https://github.com/matklad/once_cell/compare/v1.15.0...v1.16.0 )
---
updated-dependencies:
- dependency-name: once_cell
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-07 23:52:05 +00:00
Muminul Islam
8b37448d28
tests: Disable test_snapshot_restore_hotplug_virtiomem for MSHV
...
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2022-11-04 12:24:33 -07:00
Muminul Islam
92d083f593
tests: Add a basic test for snapshot/retsore
...
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2022-11-04 12:24:33 -07:00
Muminul Islam
58d8795b53
tests: Make a wrapper function for snapshot/restore
...
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2022-11-04 12:24:33 -07:00
Bo Chen
b37e2ed378
virtio-devices: mem: Handle integer overflow properly
...
An integer overflow from our virtio-mem device can be triggered
from (misbehaved) guest driver with malicious requests. This patch
handles this integer overflow explicitly and treats it as an invalid
request.
Note: this bug was detected by our virtio-mem fuzzer through 'oss-fuzz'.
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-11-04 09:33:21 +00:00
Bo Chen
ef8fb9bd25
fuzz: Add fuzzer for virtio-console
...
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-11-03 09:10:41 -07:00
Bo Chen
cfafc85b9c
virtio-devices: Custom 'EpollHelper::run_with_timeout' for fuzz
...
To support all virtio-devices, this patch replaces the customized
EpollHelper::run` with customized `EpollHelper::run_with_timeout` for
fuzzing.
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-11-03 09:10:41 -07:00
Bo Chen
683491a955
virtio-devices: console: Provide 'wait_for_epoll_threads'
...
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-11-03 09:10:41 -07:00
dependabot[bot]
2bbb08b2a4
build: Bump io-uring from 0.5.7 to 0.5.8
...
Bumps [io-uring](https://github.com/tokio-rs/io-uring ) from 0.5.7 to 0.5.8.
- [Release notes](https://github.com/tokio-rs/io-uring/releases )
- [Commits](https://github.com/tokio-rs/io-uring/commits )
---
updated-dependencies:
- dependency-name: io-uring
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-02 23:56:43 +00:00
dependabot[bot]
b77eb63688
build: Bump darling from 0.14.1 to 0.14.2 in /fuzz
...
Bumps [darling](https://github.com/TedDriggs/darling ) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/TedDriggs/darling/releases )
- [Changelog](https://github.com/TedDriggs/darling/blob/master/CHANGELOG.md )
- [Commits](https://github.com/TedDriggs/darling/compare/v0.14.1...v0.14.2 )
---
updated-dependencies:
- dependency-name: darling
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-02 23:51:00 +00:00
Rob Bradford
6722c303b0
docs: Fix broken link in windows.md
...
Fixes : #4840
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-02 11:40:44 +00:00
Rob Bradford
6e0bd73c90
build: Bump linux-loader from 0.6.0 to 0.7.0
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-02 11:02:00 +00:00
Rob Bradford
103fe1f48b
tests: Skip building kernel if already present
...
When running the glibc and musl integration tests on the CI after each
other skip building the kernel a second time.
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-02 09:42:07 +00:00
Rob Bradford
f4e1b72477
build: Consolidate integration testing to reused built assets
...
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-02 09:42:07 +00:00
Rob Bradford
65628e8d94
build: Run linter over Jenkinsfile
...
This has resulted in the content being indented with spaces rather tabs
per Groovy coding style.
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-11-02 09:42:07 +00:00
dependabot[bot]
851de1e0b3
build: Bump io-uring from 0.5.7 to 0.5.8 in /fuzz
...
Bumps [io-uring](https://github.com/tokio-rs/io-uring ) from 0.5.7 to 0.5.8.
- [Release notes](https://github.com/tokio-rs/io-uring/releases )
- [Commits](https://github.com/tokio-rs/io-uring/commits )
---
updated-dependencies:
- dependency-name: io-uring
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-02 09:21:17 +00:00
Bo Chen
a9ec0f33c0
misc: Fix clippy issues
...
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-11-02 09:41:43 +01:00
dependabot[bot]
9266ea4995
build: Bump clap from 4.0.17 to 4.0.18
...
Bumps [clap](https://github.com/clap-rs/clap ) from 4.0.17 to 4.0.18.
- [Release notes](https://github.com/clap-rs/clap/releases )
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/clap-rs/clap/compare/v4.0.17...v4.0.18 )
---
updated-dependencies:
- dependency-name: clap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-01 00:41:51 +00:00
dependabot[bot]
6b8070de95
build: Bump io-lifetimes from 0.7.3 to 0.7.4
...
Bumps [io-lifetimes](https://github.com/sunfishcode/io-lifetimes ) from 0.7.3 to 0.7.4.
- [Release notes](https://github.com/sunfishcode/io-lifetimes/releases )
- [Commits](https://github.com/sunfishcode/io-lifetimes/compare/v0.7.3...v0.7.4 )
---
updated-dependencies:
- dependency-name: io-lifetimes
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 23:48:55 +00:00
dependabot[bot]
a5712641d2
build: Bump remain from 0.2.4 to 0.2.5 in /fuzz
...
Bumps [remain](https://github.com/dtolnay/remain ) from 0.2.4 to 0.2.5.
- [Release notes](https://github.com/dtolnay/remain/releases )
- [Commits](https://github.com/dtolnay/remain/compare/0.2.4...0.2.5 )
---
updated-dependencies:
- dependency-name: remain
dependency-type: indirect
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31 23:46:39 +00:00
Rob Bradford
aad4dc3b6b
docs: Update memory.md to indicated that hugepages overrides shared
...
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-10-31 22:28:29 +00:00
Rob Bradford
f4495de143
vmm: Improve handling of shared memory backing
...
As huge pages are always MAP_SHARED then where the shared memory would
be checked (for vhost-user and local migration) we can also check
instead for huge pages.
The checking is also extended to cover the memory zones based
configuration as well.
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-10-31 22:28:29 +00:00
Rob Bradford
99d9a3d299
vmm: memory_manager: Avoid MAP_PRIVATE CoW with VFIO for hugepages too
...
We can't use MAP_ANONYMOUS and still have huge pages so MAP_SHARED is
effectively required when using huge pages.
Unfortunately it is not as simple as always forcing MAP_SHARED if
hugepages is on as this might be inappropriate in the backing file case
hence why there is additional complexity of assigning to mmap_flags on
each case and the MAP_SHARED is only turned on for the anonymous file
huge page case as well as anonymous shared file case.
See: #4805
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-10-31 22:28:29 +00:00
Rob Bradford
df7c728399
vmm: memory_manager: Only file back memory when required
...
If we do not need an anonymous file backing the memory then do not
create one.
As a side effect this addresses an issue with CoW (mmap with MAP_PRIVATE
but no MAP_ANONYMOUS) when the memory is pinned for VFIO.
Fixes : #4805
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-10-31 22:28:29 +00:00
Rob Bradford
1e5a4e8d77
vmm: memory_manager: Split filesystem backed and anonymous RAM creation
...
This simplifies the code somewhat making the code paths more readable.
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-10-31 22:28:29 +00:00
Rob Bradford
ff3fb91ba6
vmm: Refactor creation of the FileOffset for GuestRegionMmap::new()
...
Create this earlier so that it is possible to pass a None in for
anonymous mappings.
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-10-31 22:28:29 +00:00