Commit Graph

701 Commits

Author SHA1 Message Date
Wei Liu
fe24a7a24f hypervisor: introduce an mshv_emulator feature
This will become useful when we build the fuzzing target for the
instruction emulator, because there is no need to pull in the rest of
the hypervisor crate in that situation.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2025-01-02 22:43:59 +00:00
Wei Liu
73e1451a12 hypervisor: emulator: use wrapping arithmetic
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2025-01-02 22:43:59 +00:00
Wei Liu
1180f757b3 hypervisor: emulator: adjust iced-x86 feature flags
The fastfmt feature and VEX support use techniques that appear to leak
memory in the eye of LLVM's address sanitizer.

While at it, disable a bunch of instruction set decoding support we
never intend to support.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2025-01-02 22:43:59 +00:00
Muminul Islam
4e298d1abf hypervisor: maintain a bitmap for SEV-SNP VM on MSHV
Add a bitmap to MshvVM struct for caching the pages
that the VMM got shared access from the guest.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-12-12 03:32:22 +00:00
Muminul Islam
4054a49e2d hypervisor: use memory size during VM creation
For SEV-SNP VM on MSHV we need to request page access during
IO; we want to avoid such requests for pages that have already
been requested. In order to maintain the bitmap we need the memory size
during bitmap creation.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-12-12 03:32:22 +00:00
Muminul Islam
e4a5219f53 hypervisor: mshv: modify GuestRequest handling for CVM
VMM needs to handle VMG exit for guest request. This patch
removes the old method that uses gpa_read/write (IOCTL and hypercall),
which is expensive, and updates the GHCB page using the
mapped (root partition) struct.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-12-11 21:06:06 +00:00
Muminul Islam
a458351d8b hypervisor: mshv: modify MMIO exit handling for CVM
VMM needs to handle VMG exit for MMIO. This patch
removes the old method that uses gpa_read/write (IOCTL and hypercall),
which is expensive, and updates the GHCB page using the
mapped (root partition) struct.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-12-11 21:06:06 +00:00
Muminul Islam
5a27bf878c hypervisor: mshv: modify IoPort handling for CVM
VMM needs to handle VMG exit for IO Port. This patch
removes the old method that uses gpa_read/write (IOCTL and hypercall),
which is expensive, and updates the GHCB page using the
mapped (root partition) struct.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-12-11 21:06:06 +00:00
Muminul Islam
310dafb4d7 hypervisor: mshv: modify doorbell page handling for CVM
VMM needs to handle VMG exit for doorbell page. This patch
removes the old method that uses gpa_read/write (IOCTL and hypercall),
which is expensive, and updates the GHCB page using the
mapped (root partition) struct.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-12-11 21:06:06 +00:00
Muminul Islam
78895dcc37 hypervisor: mshv: clear exitinfo1 using mapped ghcb address
After handling the VMG exit, the VMM needs to clear the exitinfo1
in the GHCB page. This patch replaces the old
method (gpa_write) and clears the exitinfo1 using the mapped GHCB struct.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-12-11 21:06:06 +00:00
Muminul Islam
1757d83db3 hypervisor: Keep GHCB mapped address for each VCPU on MSHV
For confidential VM on MSHV, the GHCB page is the communication
method between guest and host. For all the CVM exits, the VMM
needs to read and write to the GHCB page. MSHV provides
an option to remap the page to the root partition. This
way VMM could directly read and write to the page and
skip extra IOCTL and hypercall. This improvement makes
the IO 10% faster.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-12-11 21:06:06 +00:00
dependabot[bot]
0c2f2d3ec1 build: Bump anyhow from 1.0.87 to 1.0.94
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.87 to 1.0.94.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.87...1.0.94)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-05 00:30:01 +00:00
Ruoqing He
c4063d26be hypervisor: Set pc and a1 for all vcpu
It turns out we need to set up `a0`, `pc` and `a1` for all vcpus before
we run them; remove predicates used to set `pc` and `a1` for `vcpu0`.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-12-03 22:13:37 +00:00
Ruoqing He
9006013c60 hypervisor: Tune Vaia trait to work with fdt setup
Previous `Vaia` implementation uses types as they are, thus the property
string generated for fdt setup requires additional type conversion.
Change the types used in the methods of `Vaia` trait to provide a
concise fdt setup process.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-12-03 22:13:37 +00:00
dependabot[bot]
30cf1eed5e build: Bump libc from 0.2.158 to 0.2.167
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.158 to 0.2.167.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Changelog](https://github.com/rust-lang/libc/blob/0.2.167/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.158...0.2.167)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-03 01:15:36 +00:00
Ruoqing He
fbe1cd6404 hypervisor: kvm: Add g/set_regs unit-test on riscv64
Add unit-test to make sure get_regs and set_regs on riscv64 architecture
work as expected, effectively avoiding typos in register names.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-06 14:32:39 +00:00
Ruoqing He
76256230d6 hypervisor: kvm: Complement create_standard_regs
Complement `create_standard_regs` implementation on RISC-V platform to
work with `From` trait of `kvm_riscv_core`.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-06 14:32:39 +00:00
Ruoqing He
8cd80ea36b hypervisor: Introduce RISC-V architecture
Introduce cpu, vm, kvm, arch module RISC-V platform support. Add macro
definitions to implement methods interacting with RISC-V registers.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-06 14:32:39 +00:00
Ruoqing He
5e937c8b88 hypervisor: vm: Introduce RISC-V Vm trait
Introduce RISC-V specific Vm traits and error variant, disable
`create_irq_chip` on RISC-V platform.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-06 14:32:39 +00:00
Ruoqing He
710535343b hypervisor: cpu: Introduce RISC-V Vcpu trait
Add RISC-V specific Vcpu trait. Disable `set_guest_debug` on RISC-V
platform.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-06 14:32:39 +00:00
Ruoqing He
59c5b0a1cd hypervisor: kvm: Integrate riscv64 regs & AIA
Incorporates riscv64 register interaction and AIA creation to kvm
module. Complete `Vcpu` trait on RISC-V platform.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-06 14:32:39 +00:00
Ruoqing He
c13019d5b5 hypervisor: cpu: Introduce RISC-V specific error
Add error variants specific to RISC-V architecture.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-06 14:32:39 +00:00
Ruoqing He
c5774685f4 hypervisor: kvm: Introduce AIA creation
Implement definition required to work with KVM in-kernel AIA device,
construction procedure of AIA.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-06 14:32:39 +00:00
Ruoqing He
2df8d2fa1e hypervisor: kvm: Introduce riscv64 register g/set
Implement macros to calculate register ID on riscv64, definition of
RISC-V `VcpuKvmState`.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-06 14:32:39 +00:00
Ruoqing He
dd00bd6ef2 hypervisor: arch: Integrate riscv64 to arch module
Integrate `aia` module into `riscv64` module, and enable `riscv64`
module if target architecture is RISC-V 64-bit.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-06 14:32:39 +00:00
Ruoqing He
2752149bb0 hypervisor: arch: Introduce riscv64 AIA
Introduce definitions, traits related to RISC-V AIA (Advanced Interrupt
Architecture) construction.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-06 14:32:39 +00:00
Ruoqing He
838a857311 hypervisor: Wrap get_device_attr with unsafe
`get_device_attr` in 0.19.0 kvm-ioctls is marked as unsafe, wrap
invocation of `get_device_attr` with `unsafe` block.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-11-04 11:08:29 +00:00
Rob Bradford
166a005b76 hypervisor: mshv: Fix superfluous lifetimes
warning: the following explicit lifetimes could be elided: 'a
   --> hypervisor/src/arch/x86/emulator/mod.rs:492:6
    |
492 | impl<'a, T: CpuStateManager> Emulator<'a, T> {
    |      ^^                               ^^
    |
    = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#needless_lifetimes
    = note: `#[warn(clippy::needless_lifetimes)]` on by default
help: elide the lifetimes
    |
492 - impl<'a, T: CpuStateManager> Emulator<'a, T> {
492 + impl<T: CpuStateManager> Emulator<'_, T> {
    |

warning: the following explicit lifetimes could be elided: 'a
  --> hypervisor/src/mshv/x86_64/emulator.rs:19:6
   |
19 | impl<'a> MshvEmulatorContext<'a> {
   |      ^^                      ^^
   |
   = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#needless_lifetimes
help: elide the lifetimes
   |
19 - impl<'a> MshvEmulatorContext<'a> {
19 + impl MshvEmulatorContext<'_> {
   |

warning: the following explicit lifetimes could be elided: 'a
  --> hypervisor/src/mshv/x86_64/emulator.rs:65:6
   |
65 | impl<'a> PlatformEmulator for MshvEmulatorContext<'a> {
   |      ^^                                           ^^
   |
   = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#needless_lifetimes
help: elide the lifetimes
   |
65 - impl<'a> PlatformEmulator for MshvEmulatorContext<'a> {
65 + impl PlatformEmulator for MshvEmulatorContext<'_> {
   |

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-10-21 15:28:17 +00:00
Ruoqing He
6164aa0885 misc: Replace div_round_up operation with div_ceil
As clippy of rust-toolchain version 1.83.0-beta.1 suggests, replace
manually implemented `div_round_up!` and the like with `div_ceil` from
std.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-10-18 17:46:39 +00:00
Ruoqing He
297236a7c0 misc: Eliminate use of assert!((...).is_ok())
Asserting on .is_ok()/.is_err() leads to hard to debug failures (as if
the test fails, it will only say "assertion failed: false"). We replace
these with `.unwrap()`, which also prints the exact error variant that
was unexpectedly encountered (we can do this these days thanks to
efforts to implement Display and Debug for our error types). If the
assert!((...).is_ok()) was followed by an .unwrap() anyway, we just drop
the assert.

Inspired by and quoted from @roypat.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-10-03 12:03:49 +00:00
Rob Bradford
8036a2c3de hypervisor: kvm: Expose create_standard_regs() for all architectures
The aarch64 unit tests make use of this.

Fixes commit 3645654c39

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-10-02 14:50:39 +00:00
Ruoqing He
61e57e1cb1 misc: Further improve imports styling
By introducing `imports_granularity="Module"` format strategy,
effectively groups imports from the same module into one line or block,
improving maintainability and readability.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-09-29 16:13:48 +00:00
Rob Bradford
88a9f79944 misc: Adapt consistent import style formatting
Historically the Cloud Hypervisor coding style has been to ensure that
all imports are ordered and placed in a single group. Unfortunately
cargo fmt has no support for ensuring that all imports are in a single
group so if whitespace lines were added as part of the import statements
then they would only be ordered correctly in the group.

By adopting group_imports="StdExternalCrate" we can enforce a style
where imports are placed in at most three groups for std, external
crates and the crate itself. Choosing a style enforceable by the tooling
reduces the reviewer burden.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-09-29 13:08:12 +01:00
Ruoqing He
5a70d7ec69 build: Centralize rust-vmm crates to workspace
Modify `Cargo.toml` in each member crate to follow the dependencies
specified in root `Cargo.toml` file.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-09-27 15:58:21 +00:00
Rob Bradford
d90fa96bb7 build: Bulk update vm-memory and related dependencies
Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-09-26 12:31:25 +00:00
Nuno Das Neves
9f08aa6dc2 hypervisor: mshv: Update mshv crates to v0.3.0
And modify the code to use the updated interfaces.

Arguments for map_guest_memory, get_dirty_bitmap, vp.run(),
import_isolated_pages, modify_gpa_host_access have changed.
Update these to use the new interfaces, including new MSHV_*
definitions, and remove some redundant arguments.

Update seccomp IOCTLs to reflect interface changes.

Fix irq-related definitions naming.

Bump vfio-ioctls to support mshv v0.3.0.

Signed-off-by: Nuno Das Neves <nudasnev@microsoft.com>
2024-09-25 16:23:45 +00:00
Ruoqing He
e8697735d1 hypervisor: cpu: Fix GetRegList comment
`GetRegList` variant will be referenced on both Aarch and RISC-V. Fixed
comment to generalize this error variant.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-09-23 12:06:25 +00:00
Ruoqing He
2668dbbd8b hypervisor: cpu: Expand Set/GetCoreRegisters variant
Since RISC-V has its own definition of `CoreRegister`, expand the Aarch
variant to avoid collision of `HypervisorCpuError`.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-09-23 12:06:25 +00:00
Ruoqing He
e9f137dc4a hypervisor: cpu: Fix get/set one reg error message
The error message of `SetRegister` and `GetRegister` fail to describe
the reason as the error variant suggests. Fixed error message
accordingly.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2024-09-23 12:06:25 +00:00
dependabot[bot]
4e64df1005 build: Bump anyhow from 1.0.86 to 1.0.87
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.86 to 1.0.87.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.86...1.0.87)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-10 00:03:10 +00:00
Bo Chen
37756c5d32 build: Update kvm-bindings related dependencies
Particularly update kvm-bindings, kvm-ioctls, vfio-bindings,
and vfio-ioctls.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2024-09-09 21:01:21 +00:00
Bo Chen
60c8a72e29 misc: Fix various warnings from clippy 0.1.82
An example warning output is:

error: first doc comment paragraph is too long
   --> virtio-devices/src/lib.rs:158:1
    |
158 | / /// Convert an absolute address into an address space (GuestMemory)
159 | | /// to a host pointer and verify that the provided size define a valid
160 | | /// range within a single memory region.
161 | | /// Return None if it is out of bounds or if addr+size overlaps a single region.
    | |_
    |
    = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#too_long_first_doc_paragraph
    = note: `-D clippy::too-long-first-doc-paragraph` implied by `-D warnings`
    = help: to override `-D warnings` add `#[allow(clippy::too_long_first_doc_paragraph)]`

Signed-off-by: Bo Chen <chen.bo@intel.com>
2024-09-07 09:40:20 +00:00
dependabot[bot]
68468b8519 build: Bump libc from 0.2.155 to 0.2.158
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.155 to 0.2.158.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Changelog](https://github.com/rust-lang/libc/blob/0.2.158/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.155...0.2.158)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-06 00:04:34 +00:00
Wenyu Huang
d2a364c5c0 vmm: Add support for enabling SVE in vm guests
This change enables SVE automatically if the host supports SVE/SVE2.

Signed-off-by: Wenyu Huang <huangwenyuu@outlook.com>
2024-09-04 08:33:37 +01:00
Tom Dohrmann
8fd0310db9 hypervisor: mshv: implement extended guest requests with empty certs
Previously we didn't handle extended guest requests at all and always
returned an error. This led to issues with some guests that expected
extended requests to succeed. Instead, handle extended requests like
normal requests and write zeros to the extended area to signal to the
guest that we don't want to supply any additional certificate data.

Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
2024-08-30 18:36:54 +00:00
Tom Dohrmann
486c61da5e hypervisor: mshv: add helpers for reading and writing guest memory
Signed-off-by: Tom Dohrmann <erbse.13@gmx.de>
2024-08-30 18:36:54 +00:00
Jinank Jain
c93e1aa12e hypervisor: Remove unnecessary redefinition of kvm_regs as StandardRegs
In case of ARM64 kvm_regs are considered as StandardRegister which is no
longer required since we have defined architecture independent
StandardRegisters in hypervisor crate.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-30 17:04:37 +00:00
Jinank Jain
ba262e45a4 hypervisor: vmm: Switch to common StandardRegisters implementation
Use the StandardRegisters defined in the hypervisor crate instead of
re-defining it from MSHV/KVM crate.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-30 17:04:37 +00:00
Jinank Jain
a987c3d0fc hypervisor: Define helper function for setting ARM64 KVM regs
This change is along the lines of x86 platform which defined similar
convenience macros to access the StandardRegisters.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-30 17:04:37 +00:00
Anirudh Rayabharam
f63c2d896f hypervisor: mshv: implement get_guest_debug_hw_bps
Implement get_guest_debug_hw_bps() for mshv and simply return 0 for now.
This unblocks the usage of the crashdump feature with mshv. If left
unimplemented, Cloud Hypervisor built with mshv and guest_debug features
crashes immediately upon start due to unimplemented!() macro.

Signed-off-by: Anirudh Rayabharam <anrayabh@microsoft.com>
2024-08-27 16:11:52 +00:00