2751 Commits

Author SHA1 Message Date
Rob Bradford
664c3ceda6 vmm: device_manager: Warn that vhost-user self spawning is deprecated
See #1724 for details.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-30 18:32:50 +02:00
Rob Bradford
0a4be7ddf5 vmm: "Cleanly" shutdown on SIGTERM
Write to the exit_evt EventFD which will trigger all the devices and
vCPUs to exit. This is slightly cleaner than just exiting the process as
any temporary files will be removed.

Fixes: #1242

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-30 18:32:16 +02:00
Sebastien Boeuf
8a11ef5ba6 ci: Move back to latest virtiofsd version
This commit moves back to the branch "virtio-fs-dev" from virtiofsd, as
we figured the changes needed to use this branch and the requirements
from the new meson build from QEMU.

It updates the container version to ensure the dev_cli.sh script will
rely on the latest container which contains the needed packages.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-30 13:10:23 +01:00
Sebastien Boeuf
1e5d35d13a resources: Finalize automated generation of the Docker image
By fixing the Dockerfile, we have now finalized the automated generation
of the Docker images for both architectures (amd64 and arm64).

Fixes #953

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-30 10:03:06 +01:00
Rob Bradford
df26b428b1 arch: x86_64: Copy CPU identification string into guest cpuid
This is stored in leaves 0x80000002 to 0x80000004 inclusive.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-30 08:18:08 +01:00
Bo Chen
6d30fe05e4 vmm: openapi: Add the 'iommu' and 'id' option to 'VmAddDevice'
This patch adds the missing the `iommu` and `id` option for
`VmAddDevice` in the openApi yaml to respect the internal data structure
in the code base. Also, setting the `id` explicitly for VFIO device
hotplug is required for VFIO device unplug through openAPI calls.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-30 08:17:44 +01:00
dependabot-preview[bot]
af0c4c1659 build(deps): bump backtrace from 0.3.50 to 0.3.51
Bumps [backtrace](https://github.com/rust-lang/backtrace-rs) from 0.3.50 to 0.3.51.
- [Release notes](https://github.com/rust-lang/backtrace-rs/releases)
- [Commits](https://github.com/rust-lang/backtrace-rs/compare/0.3.50...0.3.51)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-29 20:25:50 +00:00
Julio Montes
668c563dac vmm: openapi: fix integers format
According to openAPI specification [1], the format for `integer` types
can be only `int32` or `int64`, unsigned and 8-bits integers are not
supported.
This patch replaces `uint64` with `int64`, `uint32` with `int32` and
`uint8` with `int32`.

[1]: https://swagger.io/specification/#data-types

Signed-off-by: Julio Montes <julio.montes@intel.com>
2020-09-29 12:55:40 -07:00
Rob Bradford
5a0d3277c8 vmm: vm: Replace \n newline character with \r
This allows the CMD prompt under SAC to be used without affecting getty
on Linux.

Fixes: #1770

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-29 16:10:12 +02:00
Wei Liu
4ef97d8ddb vmm: interrupts: clearly separate MsiInterruptGroup and InterruptRoute
MsiInterruptGroup doesn't need to know the internal field names of
InterruptRoute. Introduce two helper functions to eliminate references
to irq_fd. This is done similarly to the enable and disable helper
functions.

Also drop the pub keyword from InterruptRoute fields. It is not needed
anymore.

No functional change.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2020-09-29 13:51:35 +02:00
Sebastien Boeuf
db5d42ad41 resources: Fix Dockerfile to support multi-architecture
In order to support both amd64 and arm64, we rely on the TARGETARCH
variable that is passed from the docker buildx command, based on the
platform used to build the container image.

There is no way to rely directly on $(uname -m) to assign a variable
with the correct x86_64 or aarch64 values we're looking for. Both ENV
and ARG don't evaluate the command, which means they see it as a simple
string. Using RUN is the only way to evaluate a command.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-29 09:29:36 +02:00
dependabot-preview[bot]
315cd5a054 build(deps): bump pin-project from 0.4.23 to 0.4.24
Bumps [pin-project](https://github.com/taiki-e/pin-project) from 0.4.23 to 0.4.24.
- [Release notes](https://github.com/taiki-e/pin-project/releases)
- [Changelog](https://github.com/taiki-e/pin-project/blob/master/CHANGELOG.md)
- [Commits](https://github.com/taiki-e/pin-project/compare/v0.4.23...v0.4.24)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-28 14:34:47 +00:00
Sebastien Boeuf
77e9fcdebd resources: Update Dockerfile to install missing Python packages
In order to build virtiofsd from the latest build system, the Python
package python3-setuptools is required.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-28 09:28:37 +02:00
Sebastien Boeuf
3534b6932a github: Add a new action to update the Docker image
The idea is to rely on this new Github Action to detect when the
Dockerfile is updated after a push to the master branch on the
repository.

Once triggered, this action builds the Docker image for both
linux/amd64 and linux/arm64 platforms, and updates it directly
on Docker Hub.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-28 08:25:11 +02:00
dependabot-preview[bot]
34dd3b83af build(deps): bump syn from 1.0.41 to 1.0.42
Bumps [syn](https://github.com/dtolnay/syn) from 1.0.41 to 1.0.42.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/1.0.41...1.0.42)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-28 05:20:09 +00:00
dependabot-preview[bot]
e105611eb6 build(deps): bump proc-macro2 from 1.0.21 to 1.0.23
Bumps [proc-macro2](https://github.com/alexcrichton/proc-macro2) from 1.0.21 to 1.0.23.
- [Release notes](https://github.com/alexcrichton/proc-macro2/releases)
- [Commits](https://github.com/alexcrichton/proc-macro2/compare/1.0.21...1.0.23)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-28 05:19:46 +00:00
Praveen Paladugu
f10872e706 vmm: fix clippy warnings
Signed-off-by: Praveen Paladugu <prapal@microsoft.com>
2020-09-26 14:07:12 +01:00
Praveen Paladugu
4b32252028 hypervisor, vmm: fix clippy warnings
Signed-off-by: Praveen Paladugu <prapal@microsoft.com>
2020-09-26 14:07:12 +01:00
Praveen Paladugu
6ebeaa9246 option_parser: fix clippy warnings
Signed-off-by: Praveen Paladugu <prapal@microsoft.com>
2020-09-26 14:07:12 +01:00
Julio Montes
c54452c08a vmm: openapi: fix integers format
According to openAPI specification[1], the format for `integer` types
can be only `int32` or `int64`, unsigned integers are not supported.
This patch replaces `uint64` with `int64`.

[1]: https://swagger.io/specification/#data-types

Signed-off-by: Julio Montes <julio.montes@intel.com>
2020-09-26 14:05:51 +01:00
Rob Bradford
f762bc7573 arch: x86_64: Create MP table after SMBIOS table if space
In order to speed up the Linux boot (so as to avoid it having to scan a
large number of pages) place the MP table directly after the SMBIOS
table if there is sufficient room. The start address of the SMBIOS table
is one of the three (and the largest) location that the MP table can
also be located at.

Before:
[    0.000399] x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WP  UC- WT
[    0.014945] check: Scanning 1 areas for low memory corruption

After:
[    0.000284] x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WP  UC- WT
[    0.000421] found SMP MP-table at [mem 0x000f0090-0x000f009f]

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-25 19:41:24 +02:00
Wei Liu
7e130a65ba vmm: interrupts: adjust set_gsi_routes
There is no point in manually dropping the lock for gsi_msi_routes then
instantly grabbing it again in set_gsi_routes.

Make set_gsi_routes take a reference to the routing hashmap instead.

No functional change intended.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2020-09-25 17:17:35 +02:00
Hui Zhu
4913acc05e vmm: Add 'balloon' to memory parameters
Add the option 'balloon' to --memory.

Signed-off-by: Hui Zhu <teawater@antfin.com>
2020-09-25 17:13:39 +02:00
Sebastien Boeuf
c85e396ce5 vmm: cpu: x86: Enable MTRR feature in CPUID
The MTRR feature was missing from the CPUID, which is causing the guest
to ignore the MTRR settings exposed through dedicated MSRs.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-25 15:03:52 +02:00
Rob Bradford
f4ec915c5d resources: Remove unused PPS features from kernel config
In particular this removes the annoying PPS messages that fill up the
dmesg log.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-25 14:07:41 +02:00
Sebastien Boeuf
ae44e9c076 resources: Reduce x86_64 kernel configuration to fix warnings
Removing the ISA DMA configurations prevents the kernel from accessing
the port I/O 0x87, which was generating the following warning:

WARN:vmm/src/cpu.rs:378 -- Guest PIO read to unregistered address 0x87

Removing the TELCLOCK configuration prevents the kernel from accessing
the port I/O reserved for the memory manager, which was causing the
following warning:

WARN:vmm/src/memory_manager.rs:289 -- Unexpected offset for accessing
memory manager device: 15

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-25 10:22:28 +01:00
Rob Bradford
29b74804e1 main: Improve the error reporting when creating the hypervisor object
The ::new() does very little beyond trying to open the /dev/kvm device
so provide a hint to the user about what has gone wrong.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-25 11:08:01 +02:00
Bo Chen
1d3c3bc6ec tests: Capture child process stdout/err in 'test_memory_mergeable'
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-25 08:40:23 +02:00
Bo Chen
2441798fe4 tests: Resize the pipe size to 256K for capturing child stdout/err
As discussed in #1707, the `vcpu` thread can be stalled when using
`--serial tty`. To workaround that issue, this patch enforces to resize
the pipe size to 256K when we capture the stdout/stderr of the
cloud-hypervisor child process in the integration tests. Note that the
pipe size (256K) is chosen based on the output size of our integration
tests at this point, which may need to be increased in the future.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-25 08:40:23 +02:00
Bo Chen
365b947023 tests: Port test_simple_launch to the new methodology
This is the last test to be ported to the new methodology.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-25 08:40:23 +02:00
Bo Chen
cb2f11724a tests: Port test_reboot to the new methodology
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-25 08:40:23 +02:00
Hui Zhu
d03a48162f balloon.rs: BalloonEpollHandler: Fix wrong error in handle_event
error!("Unknown event for virtio-mem");
This error should be
error!("Unknown event for virtio-balloon");

Signed-off-by: Hui Zhu <teawater@antfin.com>
2020-09-25 08:36:23 +02:00
Sebastien Boeuf
de88bef429 pci: msix: Fix masking/enabling semantics
By looking at Linux kernel boot time, we identified that a lot of time
was spent registering and unregistering IRQ fds to KVM. This is not
efficient and certainly not a wrong behavior from the Linux kernel,
but rather a problem with the Cloud-Hypervisor's implementation of
MSI-X.

The way to fix this issue is by ensuring the initial conditions are
correct, which means the entire MSI-X vector table must be disabled
and masked. Additionally, each vector must be individually masked.

With these correct conditions, Linux won't start masking interrupt
vectors, and later unmask them since they will be seen as masked from
the beginning. This means the OS will simply have to unmask them when
needed, avoiding the extra operation.

Another aspect of this patch is to prevent Cloud-Hypervisor from
enabling (by registering IRQ fd) all vectors when either the global
'mask' or 'enable' bits are set. Instead, we can simply let the mask()
and unmask() operations take care of it if needed.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-24 22:29:16 +02:00
Sebastien Boeuf
64351c1f3f build: Update Cargo.lock
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-23 19:03:19 +02:00
Sebastien Boeuf
2eaf1c70c0 vmm: acpi: Advertise the correct PCI bus range
Since Cloud-Hypervisor currently support one single PCI bus, we must
reflect this through the MCFG table, as it advertises the first bus and
the last bus available. In this case both are bus 0.

This patch saves quite some time during guest kernel boot, as it
prevents from checking each bus for available devices.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-23 19:03:19 +02:00
Sebastien Boeuf
ec56710c9b devices: ioapic: Mask entries by default
When created, the IOAPIC entries should be masked, as it is the guest's
responsibility (FW and/or OS) to unmask them if/when necessary.

This patch saves a full round of port I/O writes from the guest to the
IOAPIC, meant for masking the unmasked entries.

Because they're now masked, the entries are not enabled, which means
they are not connected from a KVM perspective, saving from unneeded
registration/unregistration of the irq fds.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-23 19:03:19 +02:00
Sebastien Boeuf
827810dbd5 ci: Fix virtiofsd build by staying on older branch
While we figure out the details on how to correctly build virtiofsd from
the latest rebase from the branch "virtio-fs-dev" (which now relies on
QEMU's new build system), let's fix the CI by relying on an older branch
which still relies on the previous build system.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-23 17:06:34 +01:00
Henry Wang
c85c1f0d76 ci: AArch64: enable snapshot/restore integration test case
Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
961c5f2cb2 vmm: AArch64: enable VM states save/restore for AArch64
The states of GIC should be part of the VM states. This commit
enables the AArch64 VM states save/restore by adding save/restore
of GIC states.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
7c40a78b66 arch: Fix wrong trial of creating GICv3-ITS for non-PCI use cases
Currently for AArch64, the GICv3-ITS is tried to be created first
when PCI is not needed, which is unnecessary. This commit fixes
the problem.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
3ea4a0797d vmm: seccomp: unify AArch64 and x86_64 FTRUNCATE syscall
The definition of libc::SYS_ftruncate on AArch64 is different
from that on x86_64. This commit unifies the previously hard-coded
syscall number for AArch64.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
48544e4e82 vmm: seccomp: whitelist KVM_GET_REG_LIST in seccomp
`KVM_GET_REG_LIST` ioctl is needed in save/restore AArch64 vCPU.
Therefore we whitelist this ioctl in seccomp.

Also this commit unifies the `SYS_FTRUNCATE` syscall for x86_64
and AArch64.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
c6b47d39e0 vmm: refactor vCPU save/restore code in restoring VM
Similarly as the VM booting process, on AArch64 systems,
the vCPUs should be created before the creation of GIC. This
commit refactors the vCPU save/restore code to achieve the
above-mentioned restoring order.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
970a5a410d vmm: decouple vCPU init from configure_vcpus
Since calling `KVM_GET_ONE_REG` before `KVM_VCPU_INIT` will
result in an error: Exec format error (os error 8). This commit
decouples the vCPU init process from `configure_vcpus`. Therefore
in the process of restoring the vCPUs, these vCPUs can be
initialized separately before started.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
47e65cd341 vmm: AArch64: add methods to get saved vCPU states
The construction of `GICR_TYPER` register will need vCPU states.
Therefore this commit adds methods to extract saved vCPU states
from the cpu manager.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
381d0b4372 devices: remove the migration traits for the Gic struct
Unlike x86_64, the "interrupt_controller" in the device manager
for AArch64 is only a `Gic` object that implements the
`InterruptController` to provide the interrupt delivery service.
This is not the real GIC device so that we do not need to save
its states. Also, we do not need to insert it to the device_tree.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
39c9583b48 arch: AArch64: implement save/restore for GICv3
This commit implements the save/restore for GICv3.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
7ddcad1d8b arch: AArch64: add a field gicr_typers for GIC implementations
The value of GIC register `GICR_TYPER` is needed in restoring
the GIC states. This commit adds a field in the GIC device struct
and a method to construct its value.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
dcf6d9d731 device_manager: AArch64: add a field to set/get GIC device entity
In AArch64 systems, the state of GIC device can only be
retrieved from `KVM_GET_DEVICE_ATTR` ioctl. Therefore to implement
saving/restoring the GIC states, we need to make sure that the
GIC object (either the file descriptor or the device itself) can
be extracted after the VM is started.

This commit refactors the code of GIC creation by adding a new
field `gic_device_entity` in device manager and methods to set/get
this field. The GIC object can be therefore saved in the device
manager after calling `arch::configure_system`.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00
Henry Wang
e7acbcc184 arch: AArch64: support saving RDIST pending tables into guest RAM
This commit adds a function which allows to save RDIST pending
tables to the guest RAM, as well as unit test case for it.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2020-09-23 12:37:25 +01:00