Commit Graph

2630 Commits

Author SHA1 Message Date
Bo Chen
9682d74763 vmm: seccomp: Add seccomp filters for signal_handler worker thread
This patch covers the last worker thread with dedicated secomp filters.

Fixes: #925

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-11 07:42:31 +02:00
Bo Chen
2612a6df29 vmm: seccomp: Add seccomp filters for the vcpu worker thread
Partially fixes: #925

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-11 07:42:31 +02:00
Rob Bradford
d793cc4da3 vmm: device_manager: Extract common PCI code
Extract common code for adding devices to the PCI bus into its own
function from the VFIO and VIRTIO code paths.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-11 07:33:18 +02:00
dependabot-preview[bot]
cd8c38384e build(deps): bump getrandom from 0.1.14 to 0.1.15
Bumps [getrandom](https://github.com/rust-random/getrandom) from 0.1.14 to 0.1.15.
- [Release notes](https://github.com/rust-random/getrandom/releases)
- [Changelog](https://github.com/rust-random/getrandom/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-random/getrandom/compare/v0.1.14...v0.1.15)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-10 11:53:56 +00:00
Rob Bradford
15025d71b1 devices, vm-device: Move BusDevice and Bus into vm-device
This removes the dependency of the pci crate on the devices crate which
now only contains the device implementations themselves.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-10 09:35:38 +01:00
dependabot-preview[bot]
f24a12913a build(deps): bump libc from 0.2.76 to 0.2.77
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.76 to 0.2.77.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.76...0.2.77)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-10 06:45:09 +00:00
dependabot-preview[bot]
7fddb9aa4f build(deps): bump proc-macro2 from 1.0.20 to 1.0.21
Bumps [proc-macro2](https://github.com/alexcrichton/proc-macro2) from 1.0.20 to 1.0.21.
- [Release notes](https://github.com/alexcrichton/proc-macro2/releases)
- [Commits](https://github.com/alexcrichton/proc-macro2/compare/1.0.20...1.0.21)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-09 22:28:52 +01:00
Bo Chen
3c923f0727 virtio-devices: seccomp: Add seccomp filters for virtio_vsock thread
This patch enables the seccomp filters for the virtio_vsock worker
thread.

Partially fixes: #925

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-09 17:04:39 +01:00
Bo Chen
1175fa2bc7 virtio-devices: seccomp: Add seccomp filters for blk_io_uring thread
This patch enables the seccomp filters for the block_io_uring worker
thread.

Partially fixes: #925

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-09 17:04:39 +01:00
Sebastien Boeuf
56b0c85578 ci: Introduce SGX integration testing
Extending the Cloud-Hypervisor CI to allow for testing SGX on a
dedicated machine where special image and kernels are ready.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-09 15:33:49 +02:00
Rob Bradford
a86a2711f8 ch-remote: Support using unit suffices for "resize"
Remove the requirement for the user to calculate the size they want in
bytes.

Fixes: #1596

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-08 22:27:34 +02:00
Rob Bradford
42de27b215 virtio-devices: Remove virtio_pausable! macros
These are no longer needed as virtio device pausing is handledby
VirtioCommon.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-07 17:39:30 +02:00
Rob Bradford
a641f8930f virtio-devices: virtio-vsock: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-07 17:39:30 +02:00
Rob Bradford
12f90569e2 virtio-devices: vhost-user-net: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-07 17:39:30 +02:00
Rob Bradford
d33a1a5313 virtio-devices: vhost-user-fs: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-07 17:39:30 +02:00
Rob Bradford
1e4b612d39 virtio-devices: vhost-user-block: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-07 17:39:30 +02:00
Wei Liu
53f4fed516 hypervisor: drop get_api_version from Hypervisor trait
The new function already checks if the API version is compatible. There
is no need to expose the get_api_version function to code outside
hypervisor crate.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2020-09-07 11:59:08 +01:00
Wei Liu
d73971e407 hypervisor: kvm: check API compatibility
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2020-09-07 11:59:08 +01:00
Bo Chen
559d1840d8 build: Use the crate version when the 'git describe' command failed
In our build-script (build.rs), we won't set the environment variable
'BUILD_VERSION' when the 'git describe' command failed (e.g. when the
current source tree does not contain git information). This patch added
a fall back path where the default value of 'BUILD_VERSION' is based on
the 'cloud-hypervisor' crate version.

Fixes: #1669

Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-07 12:03:57 +02:00
dependabot-preview[bot]
318ad83509 build(deps): bump syn from 1.0.39 to 1.0.40
Bumps [syn](https://github.com/dtolnay/syn) from 1.0.39 to 1.0.40.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/1.0.39...1.0.40)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-07 05:39:02 +00:00
Sebastien Boeuf
e15dba2925 vmm: Rename NUMA option 'id' into 'guest_numa_id'
The goal of this commit is to rename the existing NUMA option 'id' with
'guest_numa_id'. This is done without any modification to the way this
option behaves.

The reason for the rename is caused by the observation that all other
parameters with an option called 'id' expect a string to be provided.

Because in this particular case we expect a u32 representing a proximity
domain from the ACPI specification, it's better to name it with a more
explicit name.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-07 07:37:14 +02:00
Sebastien Boeuf
55e9827e00 docs: Update memory documentation
Based on the recent changes regarding how to describe NUMA nodes to the
guest, the documentation related to memory zones and NUMA has been
updated accordingly.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-07 07:37:14 +02:00
Sebastien Boeuf
bf5e028016 ci: Update memory zone and NUMA integration tests
Since both --memory-zone and --numa parameters have been updated with
addition and removal of multiple options, this commit updates the
related integration tests to ensure they are still valid.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-07 07:37:14 +02:00
Sebastien Boeuf
1970ee89da main, vmm: Remove guest_numa_node option from memory zones
The way to describe guest NUMA nodes has been updated through previous
commits, letting the user describe the full NUMA topology through the
--numa parameter (or NumaConfig).

That's why we can remove the deprecated and unused 'guest_numa_node'
option.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-07 07:37:14 +02:00
Sebastien Boeuf
f21c04166a vmm: Move NUMA node list creation to Vm structure
Based on the previous changes introducing new options for both memory
zones and NUMA configuration, this patch changes the behavior of the
NUMA node definition. Instead of relying on the memory zones to define
the guest NUMA nodes, everything goes through the --numa parameter. This
allows for defining NUMA nodes without associating any particular memory
range to it. And in case one wants to associate one or multiple memory
ranges to it, the expectation is to describe a list of memory zone
through the --numa parameter.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-07 07:37:14 +02:00
Sebastien Boeuf
dc42324351 vmm: Add 'memory_zones' option to NumaConfig
This new option provides a new way to describe the memory associated
with a NUMA node. This is the first step before we can remove the
'guest_numa_node' option from the --memory-zone parameter.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-07 07:37:14 +02:00
Sebastien Boeuf
5d7215915f vmm: memory_manager: Store a list of memory zones
Now that we have an identifier per memory zone, and in order to keep
track of the memory regions associated with the memory zones, we create
and store a map referencing list of memory regions per memory zone ID.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-07 07:37:14 +02:00
Sebastien Boeuf
3ff82b4b65 main, vmm: Add mandatory id to memory zones
In anticipation for allowing memory zones to be removed, but also in
anticipation for refactoring NUMA parameter, we introduce a mandatory
'id' option to the --memory-zone parameter.

This forces the user to provide a unique identifier for each memory zone
so that we can refer to these.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2020-09-07 07:37:14 +02:00
Rob Bradford
c37fb5b602 virtio-devices: rng: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
d5d0b8566b virtio-devices: pmem: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
30f4f2b9ab virtio-devices: net: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
df8a55ab11 virtio-devices: mem: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
376babb21e virtio-devices: iommu: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
f6b75c683f virtio-devices: console: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
360d6702b6 virtio-devices: block_io_uring: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
3c6fd5634d virtio-devices: balloon: Port to VirtioCommon
Use VirtioCommon to handle activate() preparation, reset() and Pausable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
3487524950 virtio-device: block, common: Split out common code
Split the block device implementation into code that be used in common
between multiple different virtio device implementations.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
a9a138460b virtio-devices: Use Default::default() for transitioning to VirtioCommon
In order to simplify the transition to VirtioCommon and to avoid needing
to set empty fields derive Default for VirtioCommon.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
008cf4a5ae virtio-devices: block: Rearrange activate() to match other devices
Rearrange the code to match other devices which makes it easier to prep
for sharing this between other devices.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
56f03db69c virtio-devices: net: Simplify activate function
Move the if-let for the taps later which makes the earlier activation
code identical to other devices.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Rob Bradford
31d7712878 virtio-devices: block: Remove duplicated block
The same block of code seems to copied twice into the block activation
function.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2020-09-05 10:06:39 +01:00
Samuel Ortiz
e5ce6dc43c vmm: cpu: Warn if the guest is trying to access unregistered IO ranges
Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2020-09-04 14:39:58 +02:00
dependabot-preview[bot]
7f2ee1f984 build(deps): bump libz-sys from 1.1.1 to 1.1.2
Bumps [libz-sys](https://github.com/rust-lang/libz-sys) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/rust-lang/libz-sys/releases)
- [Commits](https://github.com/rust-lang/libz-sys/compare/1.1.1...1.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-04 05:41:22 +00:00
dependabot-preview[bot]
4870b5099a build(deps): bump proc-macro2 from 1.0.19 to 1.0.20
Bumps [proc-macro2](https://github.com/alexcrichton/proc-macro2) from 1.0.19 to 1.0.20.
- [Release notes](https://github.com/alexcrichton/proc-macro2/releases)
- [Commits](https://github.com/alexcrichton/proc-macro2/compare/1.0.19...1.0.20)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-04 05:41:03 +00:00
Bo Chen
4392a1484c tests: Port test_bzimage_reboot to the new methodology
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-03 17:47:14 +01:00
Bo Chen
ded376c6e1 tests: Port test_console_file to the new methodology
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-03 17:47:14 +01:00
Bo Chen
a4abb7f8e5 tests: Port test_virtio_console to the new methodology
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-03 17:47:14 +01:00
Bo Chen
aac0cba0d1 tests: Port test_serial_file to the new methodology
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-03 17:47:14 +01:00
Bo Chen
9686aef2c9 tests: Port test_serial_tty to the new methodology
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-03 17:47:14 +01:00
Bo Chen
4e0e3d6221 tests: Port test_serial_null to the new methodology
Signed-off-by: Bo Chen <chen.bo@intel.com>
2020-09-03 17:47:14 +01:00