Commit Graph

668 Commits

Author SHA1 Message Date
Ruoqing He
5a70d7ec69 build: Centralize rust-vmm crates to workspace
Modify `Cargo.toml` in each member crate to follow the dependencies
specified in root `Cargo.toml` file.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-09-27 15:58:21 +00:00
Rob Bradford
d90fa96bb7 build: Bulk update vm-memory and related dependencies
Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-09-26 12:31:25 +00:00
Nuno Das Neves
9f08aa6dc2 hypervisor: mshv: Update mshv crates to v0.3.0
And modify to code to use the updated interfaces.

Arguments for map_guest_memory, get_dirty_bitmap, vp.run(),
import_isolated_pages, modify_gpa_host_access have changed.
Update these to use the new interfaces, including new MSHV_*
definitions, and remove some redundant arguments.

Update seccomp IOCTLs to reflect interface changes.

Fix irq-related definitions naming.

Bump vfio-ioctls to support mshv v0.3.0.

Signed-off-by: Nuno Das Neves <nudasnev@microsoft.com>
2024-09-25 16:23:45 +00:00
Ruoqing He
e8697735d1 hypervisor: cpu: Fix GetRegList comment
`GetRegList` variant will be referenced on both Aarch and RISC-V. Fixed
comment to generalize this error variant.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-09-23 12:06:25 +00:00
Ruoqing He
2668dbbd8b hypervisor: cpu: Expand Set/GetCoreRegisters variant
Since RISC-V has its own definition of `CoreRegister`, expand the Aarch
variant to avoid collision of `HypervisorCpuError`.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-09-23 12:06:25 +00:00
Ruoqing He
e9f137dc4a hypervisor: cpu: Fix get/set one reg error message
The error message of `SetRegister` and `GetRegister` fail to describe
the reason as the error variant suggests. Fixed error message
accordingly.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-09-23 12:06:25 +00:00
dependabot[bot]
4e64df1005 build: Bump anyhow from 1.0.86 to 1.0.87
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.86 to 1.0.87.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.86...1.0.87)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-10 00:03:10 +00:00
Bo Chen
37756c5d32 build: Update kvm-bindings related dependencies
Particularly update kvm-bindings, kvm-ioctls, vfio-bindings,
and vfio-ioctls.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2024-09-09 21:01:21 +00:00
Bo Chen
60c8a72e29 misc: Fix various warnings from clippy 0.1.82
An example warning output is:

error: first doc comment paragraph is too long
   --> virtio-devices/src/lib.rs:158:1
    |
158 | / /// Convert an absolute address into an address space (GuestMemory)
159 | | /// to a host pointer and verify that the provided size define a valid
160 | | /// range within a single memory region.
161 | | /// Return None if it is out of bounds or if addr+size overlaps a single region.
    | |_
    |
    = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#too_long_first_doc_paragraph
    = note: `-D clippy::too-long-first-doc-paragraph` implied by `-D warnings`
    = help: to override `-D warnings` add `#[allow(clippy::too_long_first_doc_paragraph)]`

Signed-off-by: Bo Chen <chen.bo@intel.com>
2024-09-07 09:40:20 +00:00
dependabot[bot]
68468b8519 build: Bump libc from 0.2.155 to 0.2.158
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.155 to 0.2.158.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Changelog](https://github.com/rust-lang/libc/blob/0.2.158/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.155...0.2.158)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-06 00:04:34 +00:00
Wenyu Huang
d2a364c5c0 vmm: Add support for enabling SVE in vm guests
This change enables SVE automatically if the host support SVE/SVE2.

Signed-off-by: Wenyu Huang <huangwenyuu@outlook.com>
2024-09-04 08:33:37 +01:00
Tom Dohrmann
8fd0310db9 hypervisor: mshv: implement extended guest requests with empty certs
Previously we didn't handle extended guest requests at all and always
returned an error. This lead to issues with some guests that expected
extended requests to succeed. Instead, handle extended requests like
normal requests and write zeros to the extended area to signal to the
guest that we don't want to supply any additional certificate data.

Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
2024-08-30 18:36:54 +00:00
Tom Dohrmann
486c61da5e hypervisor: mshv: add helpers for reading and writing guest memory
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
2024-08-30 18:36:54 +00:00
Jinank Jain
c93e1aa12e hypervisor: Remove unnecessary redefinition of kvm_regs as StandardRegs
In case of ARM64 kvm_regs are considered as StandardRegister which is no
longer required since we have defined architecture independent
StandardRegisters in hypervisor crate.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-30 17:04:37 +00:00
Jinank Jain
ba262e45a4 hypervisor: vmm: Switch to common StandardRegisters implementation
Use the StandardRegisters defined in the hypervisor crate instead of
re-defining it from MSHV/KVM crate.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-30 17:04:37 +00:00
Jinank Jain
a987c3d0fc hypervisor: Define helper function for setting ARM64 KVM regs
This change is along the lines of x86 platform which defined similar
convinence macros to access the StandardRegisters.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-30 17:04:37 +00:00
Anirudh Rayabharam
f63c2d896f hypervisor: mshv: implement get_guest_debug_hw_bps
Implement get_guest_debug_hw_bps() for mshv and simply return 0 for now.
This unblocks the usage of the crashdump feature with mshv. If left
unimplemented, Cloud Hypervisor built with mshv and guest_debug features
crashes immediately upon start due to unimplemented!() macro.

Signed-off-by: Anirudh Rayabharam <anrayabh@microsoft.com>
2024-08-27 16:11:52 +00:00
Tom Dohrmann
ca88d4449e hypervisor: mshv: Fix panic when rejecting extended guest report
swei2_rw_gpa_arg.data is an array of size 16 and value.to_le_bytes() is
only 8 bytes.

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
2024-08-22 18:13:50 +00:00
Jinank Jain
4c99aea6c4 hypervisor: Switch to use the new StandardRegisters
With this we are removing the CloudHypervisor definition of
StandardRegisters instead using an enum which contains different
variants of StandardRegisters coming from their bindigs crate.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-19 21:41:22 +00:00
Jinank Jain
8f3bd4d9ec hypervisor: Implement getter/setter for StandardRegisters
This would be used to abstract away differences in KVM/MSHV
representation of StandardRegisters.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-19 21:41:22 +00:00
Jinank Jain
feb0a36067 hypervisor: Implement StandardRegisters as union of KVM & MSHV
Currently we are redefining StandardRegisters instead of using the ones
coming from bindings. With this we can remove the unnecessary
construction of global structure which contains fields from different
hypervisor dependent structs.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-19 21:41:22 +00:00
Jinank Jain
3645654c39 hypervisor: Add an API to create default StandardRegisters
This will be used to create StandardRegisters for a given vcpu in
future.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-19 21:41:22 +00:00
dependabot[bot]
a229afbc24 build: Bump serde from 1.0.203 to 1.0.208
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.203 to 1.0.208.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.203...v1.0.208)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-17 00:02:04 +00:00
Nuno Das Neves
00b4d97826 vmm: Replace hardcoded mshv IOCTL numbers in seccomp
Use the IOCTL numbers directly from mshv-ioctls instead of hardcoding
them in the seccomp filters.

Remove seccomp rules for unused ioctls:
MSHV_GET_VERSION_INFO,
MSHV_ASSERT_INTERRUPT.

Signed-off-by: Nuno Das Neves <nudasnev@microsoft.com>
2024-08-13 18:52:46 +00:00
Jinank Jain
3fe7d6d904 hypervisor: mshv: Disable previous GHCB page before setting new one
CVM guests can configure GHCB page multiple times during it's
lifetime depending on it's requirement. For example a Linux CVM guest
configures a different GHCB page during compressed kernel boot and sets
up a new one after decompressing the kernel. As a cleanup step, VMM
should unset the previous GHCB page before registering a new one for
a particular vcpu thread.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-13 16:59:31 +00:00
Alyssa Ross
02f146fef8 hypervisor: kvm: aarch64: fix get_device_attr() UB
DeviceFd::get_device_attr should be marked as unsafe, because it
allows writing to an arbitrary address.  I have opened a kvm-ioctls
PR[1] to fix this.  The hypervisor crate was using the function
unsafely by passing it addresses of immutable variables.  I noticed
this because an optimisation change[2] in Rust 1.80.0 caused the
kvm::aarch64::gic::tests::test_get_set_icc_regs test to start failing
when built in release mode.

To fix this, I've broken up the _access functions into _set and _get
variants, with the _get variant using a pointer to a mutable variable.
This has the side effect of making these functions a bit nicer to use,
because the caller now has no need to use references at all, for
either getting or setting.

[1]: https://github.com/rust-vmm/kvm-ioctls/pull/273
[2]: d2d24e395a

Signed-off-by: Alyssa Ross <hi@alyssa.is>
2024-08-13 16:16:11 +00:00
Wei Liu
1c7997c5c3 hypervisor: x86: emulate MOVSQ
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-08-10 23:49:09 +00:00
dependabot[bot]
fee769bed4 build: Bump libc from 0.2.153 to 0.2.155
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.153 to 0.2.155.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.153...0.2.155)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-10 00:43:15 +00:00
Muminul Islam
5c4b5c0e40 hypervisor: mshv: add definition to get access pages
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-08-09 17:40:13 +00:00
dependabot[bot]
513973873c build: Bump igvm from 0.3.1 to 0.3.3
Bumps [igvm](https://github.com/microsoft/igvm) from 0.3.1 to 0.3.3.
- [Release notes](https://github.com/microsoft/igvm/releases)
- [Commits](https://github.com/microsoft/igvm/compare/igvm-v0.3.1...igvm-v0.3.3)

---
updated-dependencies:
- dependency-name: igvm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-02 23:56:38 +00:00
dependabot[bot]
dc72ef42dc build: Bump serde_with from 3.7.0 to 3.9.0
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.7.0 to 3.9.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.7.0...v3.9.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-02 00:35:54 +00:00
dependabot[bot]
ddc3f194aa build: Bump anyhow from 1.0.81 to 1.0.86
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.81 to 1.0.86.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.81...1.0.86)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-26 00:25:08 +00:00
Jinank Jain
330e1aac36 hypervisor: mshv: Clear SW_EXIT_INFO1 in case of no error
There were some scenarios where we are not clearing SW_EXIT_INFO1 to
indicate that there were no error while handling the GHCB exit.
Recently, new Linux guests got stricter with checking the value of
SW_EXIT_INFO1 after coming back from VMGEXIT and started crashing. Fix
this behavior by clearing out SW_EXIT_INFO1 in case of no error.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-07-24 01:31:10 +00:00
Wei Liu
824e83ab0d hypervisor: x86: emulate STOS
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-22 15:07:59 +00:00
dependabot[bot]
8803e4a2e7 build: Bump thiserror from 1.0.61 to 1.0.62
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.61 to 1.0.62.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.61...1.0.62)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-17 08:00:35 +00:00
dependabot[bot]
dec4a82058 build: Bump log from 0.4.21 to 0.4.22
Bumps [log](https://github.com/rust-lang/log) from 0.4.21 to 0.4.22.
- [Release notes](https://github.com/rust-lang/log/releases)
- [Changelog](https://github.com/rust-lang/log/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/log/compare/0.4.21...0.4.22)

---
updated-dependencies:
- dependency-name: log
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-16 06:20:32 +00:00
Jinank Jain
b73d94f969 hypervisor: mshv: Refactor x86 emulator into different module
This is a preparatory work to make space for ARM64 emulator.
There is no functional change in this commit, just moving code from one
file to another.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-07-15 23:05:11 +00:00
Jinank Jain
ead4f767ff hypervisor: mshv: Restrict dependency to x86
iced_x86 is only available on x86 architecture.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-07-15 23:05:11 +00:00
Wei Liu
18340d9761 hypervisor: mshv: fine-grained control over translation flags
The assertion that only code emulation requires GVA to GPA translation
is wrong.

Allow the caller of `translate` to pass in permission flags directly.

Provide a new method `read_memory_flags` so that we can add the EXECUTE
permission flag where necessary.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-12 16:12:33 +00:00
Wei Liu
cfaa192eb4 hypervisor: emulator: drop the unused gva_to_gpa hook
That function is too limiting. It doesn't consider page permissions. It
is not used, so just drop it.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-12 16:12:33 +00:00
Wei Liu
14b45e4d2e hypervisor: mshv: handle GPA intercept
We will start receiving GPA intercepts. For our use cases they are
handled the same way as UNMAPPED GPA intercepts.

Put in some logging to distinguish the two cases.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
519476e842 hypervisor: mshv: relax the requirement for instruction emulation
Previously we required the hypervisor to give us a valid instruction
stream. That worked well enough because we never hit any edge conditions
(such as when the instruction stream crosses page boundary).

Now that MSHV can deal with partial or empty instruction stream, we can
remove that requirement.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
5fec858130 hypervisor: mshv: implement fetching instructions in emulator
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
67f22b6aa4 hypervisor: mshv: fix GVA translation flags
Original we checked for R and W, but that code path never got executed.

It is now understood that we can only get here when we execute code. Fix
the permission flags.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
1eb4133034 hypervisor: x86: emulator: set IP properly for newly fetched stream
The default value of IP is zero. If the decoder's state not set
properly, then the guest state is going to be wrong.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
7c608f6380 hypervisor: x86: emulator: accept empty instruction stream input
The emulator should fetch from memory just fine.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
Wei Liu
3ad8d24943 hypervisor: x86: emulator: fix a variable
Comparing RAX with RIP makes no logical sense other than RIP happens to
be the correct value. Use `target_rax` instead.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
Wei Liu
56c6c02724 hypervisor: x86: emulator: test executing only one instruction
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
Wei Liu
19b0ea842b hypervisor: x86: emulator: add the second instruction to test comment
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
Rob Bradford
08cf983d42 build: Fix Cargo.toml formatting
In 42e9632c53 a fix was made to address a
typo in the taplo configuration file. Fixing this typo indicated that
many Cargo.toml files were no longer adhering to the formatting rules.
Fix the formatting by running `taplo fmt`.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-06-18 16:19:12 +00:00