Commit Graph

7709 Commits

Author SHA1 Message Date
Rob Bradford
b8f5687707 vmm: seccomp: Add munmap() to the "event-monitor" thread
Needed for Rust 1.74 on aarch64 with musl

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-29 19:42:16 +00:00
Alexandru Matei
1091494320 vmm: http: graceful shutdown of the http api thread
This commit ensures that the HttpApi thread flushes all the responses
before the application shuts down. Without this step, in case of a
VmmShutdown request the application might terminate before the
thread sends a response.

Fixes: #6247

Signed-off-by: Alexandru Matei <alexandru.matei@uipath.com>
2024-02-29 12:34:30 +00:00
Alexandru Matei
3f2ca5375e scripts: Change features_build variable type to array
Because of double quotes the current value is passed
as a single argument with a space in it to cargo.
This commit changes it to an array so each element
is passed as a different arguments.

Signed-off-by: Alexandru Matei <alexandru.matei@uipath.com>
2024-02-29 11:38:43 +00:00
dependabot[bot]
efc24119f3 build: Bump anstream from 0.6.12 to 0.6.13 in /fuzz
Bumps [anstream](https://github.com/rust-cli/anstyle) from 0.6.12 to 0.6.13.
- [Commits](https://github.com/rust-cli/anstyle/compare/anstream-v0.6.12...anstream-v0.6.13)

---
updated-dependencies:
- dependency-name: anstream
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-29 10:29:30 +00:00
Thomas Barrett
b750c332aa vmm: add NVIDIA GPUDirect P2P support
On platforms where PCIe P2P is supported, inject a PCI capability into
NVIDIA GPU to indicate support.

Signed-off-by: Thomas Barrett <tbarrett@crusoeenergy.com>
2024-02-29 09:26:29 +00:00
Ravi kumar Veeramally
05ec6190da scripts: Update Azure storage location to access images
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@intel.com>
2024-02-29 08:15:18 +00:00
Rob Bradford
1db30405e1 build: Cancel in progress actions on update
If the PR updated cancel outstanding jobs to conserve resources.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-28 20:11:20 +00:00
Rob Bradford
3e35529842 build: Only run bisectability check on PRs
Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-28 20:11:20 +00:00
Rob Bradford
96cc1ba76c build: Only check DCO on PRs
The DCO tool doesn't understand merge_groups but we still need to have a
valid status check to allow the merge group to proceed.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-28 20:11:20 +00:00
Rob Bradford
022f375ef8 build: Skip release check on pull requests
This takes a long time and duplicates existing checks on the pull
requests.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-28 20:11:20 +00:00
Rob Bradford
81b95023c4 build: Only run Intel + glibc on PR builds for x86-64 tests
Run all the tests on the merge queue.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-28 20:11:20 +00:00
Rob Bradford
f15ca1aec3 build: Make the Windows Guest Test always pass on PR builds
When running with the merge queue the tests will be fully executed.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-28 20:11:20 +00:00
Rob Bradford
cb8a728dfb build: Remove unnecessary if event checks from vfio/sgx workflows
Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-28 20:11:20 +00:00
Rob Bradford
80aa91f24c build: Use a nicer name for DCO check step
Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-28 20:11:20 +00:00
Rob Bradford
d9f48505fe build: Ensure all required checks run on merge_group
And clean up some of the whitespace formatting so that the "name" and
"on" are grouped away from the "jobs".

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-28 20:11:20 +00:00
Bo Chen
1d098949b9 ci: Remove Jenkinsfile
Most of our CI workers are now running form GitHub actions, so we are
ready to disable Jenkins CI workers.

See: #6231

Signed-off-by: Bo Chen <chen.bo@intel.com>
2024-02-28 08:49:29 -08:00
dependabot[bot]
18a4d732b9 build: Bump windows_i686_gnu from 0.52.0 to 0.52.3 in /fuzz
Bumps [windows_i686_gnu](https://github.com/microsoft/windows-rs) from 0.52.0 to 0.52.3.
- [Release notes](https://github.com/microsoft/windows-rs/releases)
- [Commits](https://github.com/microsoft/windows-rs/commits)

---
updated-dependencies:
- dependency-name: windows_i686_gnu
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-27 15:55:42 -08:00
Ravi kumar Veeramally
ba6bfee4ff build: Add GitHub action for Windows guest integration tests
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@intel.com>
Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-27 20:33:49 +00:00
dependabot[bot]
eecd879b36 build: Bump cc from 1.0.83 to 1.0.88 in /fuzz
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.0.83 to 1.0.88.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Commits](https://github.com/rust-lang/cc-rs/compare/1.0.83...1.0.88)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-27 14:24:37 +00:00
Ravi kumar Veeramally
57fb97e41f build: Add GitHub action for Rate Limiter integration tests
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@intel.com>
2024-02-26 14:38:17 -08:00
dependabot[bot]
97b23f1448 build: Bump remain from 0.2.12 to 0.2.13 in /fuzz
Bumps [remain](https://github.com/dtolnay/remain) from 0.2.12 to 0.2.13.
- [Release notes](https://github.com/dtolnay/remain/releases)
- [Commits](https://github.com/dtolnay/remain/compare/0.2.12...0.2.13)

---
updated-dependencies:
- dependency-name: remain
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-24 09:39:48 +00:00
Chris Webb
0310c5726f main: Show help text when run without arguments
cloud-hypervisor, ch-remote, vhost-user-block and vhost-user-net all
need at least one argument to do anything useful, so printing command
help is helpful when they are run without arguments or a subcommand.

Use clap::Command::arg_required_else_help(true) to do this.

Signed-off-by: Chris Webb <chris@arachsys.com>
2024-02-24 09:35:37 +00:00
Chris Webb
5627c26405 ch-remote: Fix crash when run with no subcommand
ch-remote crashes when run with --api-socket but no subcommand:

  $ target/release/ch-remote --api-socket /tmp/api
  thread 'main' panicked at src/bin/ch-remote.rs:509:14:
  internal error: entered unreachable code

Use clap::Command::subcommand_required(true) to yield a more friendly
error in this case.

Signed-off-by: Chris Webb <chris@arachsys.com>
2024-02-24 09:35:37 +00:00
dependabot[bot]
07560c596d build: Bump mintex from 0.1.2 to 0.1.3
Bumps [mintex](https://github.com/garypen/mintex) from 0.1.2 to 0.1.3.
- [Commits](https://github.com/garypen/mintex/compare/v0.1.2...v0.1.3)

---
updated-dependencies:
- dependency-name: mintex
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-24 08:40:35 +00:00
Muminul Islam
1a4c890f83 vmm: pass host data to SevSnp guest
Host data that is passed to the hypervisor. Then
the firmware includes the data in the attestation report.
The data might include any key or secret that the SevSnp guest
might need later.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-02-23 13:32:56 -08:00
Muminul Islam
e51fb0ee36 vmm: validate host data for SevSnp guest
Host data for SevSnp guest should either be empty
or 64 character hex value.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-02-23 13:32:56 -08:00
Muminul Islam
aa6c486a6b vmm: add host-data as a command line argument
The host data provided at launch. Data is passed
to the hypervisor during the completion of the
isolated import.

Host Data provided by the hypervisor during guest launch.
The firmware includes this value in all attestation
reports for the guest.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-02-23 13:32:56 -08:00
Ravi kumar Veeramally
b765acd608 build: Add GitHub action for VFIO integration tests
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@intel.com>
2024-02-23 16:25:47 +00:00
Ravi kumar Veeramally
4fb86e9915 build: Add GitHub action for SGX integration tests
Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@intel.com>
2024-02-23 16:22:56 +00:00
dependabot[bot]
7d305c5bbf build: Bump anyhow from 1.0.79 to 1.0.80 in /fuzz
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.79 to 1.0.80.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.79...1.0.80)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-23 11:43:24 +00:00
dependabot[bot]
3c4fa14c3e build: Bump libz-sys from 1.1.12 to 1.1.15
Bumps [libz-sys](https://github.com/rust-lang/libz-sys) from 1.1.12 to 1.1.15.
- [Release notes](https://github.com/rust-lang/libz-sys/releases)
- [Commits](https://github.com/rust-lang/libz-sys/compare/1.1.12...1.1.15)

---
updated-dependencies:
- dependency-name: libz-sys
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-23 11:03:36 +00:00
Muminul Islam
b77f779c90 vmm: Add seccomp rules for MSHV SevSnp guest
There are new IOCTLs added for SevSnp guest support.
This patch adds necessary seccomp ruled.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-02-23 09:45:04 +00:00
Rob Bradford
1fe2771a0d build: Add some timeouts to integration test workflow
Add top-level timeout for the jobs and also more agressive per step
timeouts.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-23 09:30:54 +00:00
Rob Bradford
2e4079becb build: Add libc to matrix for x86-64 tests
To reduce issues caused by flaky tests split the musl and glibc jobs
into separate jobs. This means fewer jobs will need to be restarted for
flaky tests. This will also increase CI throughput since the musl builds
account for ~40% of the total CI time when run together with glibc.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-23 09:30:54 +00:00
Rob Bradford
d32de07be7 build: Disable "fail fast" on x86-64 GitHub action
This will help handle flakiness in the builds by requiring the minimum
number of restarts.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-23 09:30:54 +00:00
Rob Bradford
6ec83c7d8e build: Switch GitHub action ARM64 builds to musl
Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-23 09:30:54 +00:00
dependabot[bot]
68dd467104 build: Bump pkg-config from 0.3.27 to 0.3.30
Bumps [pkg-config](https://github.com/rust-lang/pkg-config-rs) from 0.3.27 to 0.3.30.
- [Changelog](https://github.com/rust-lang/pkg-config-rs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/pkg-config-rs/compare/0.3.27...0.3.30)

---
updated-dependencies:
- dependency-name: pkg-config
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-22 15:06:32 +00:00
dependabot[bot]
a9aed1a9bc build: Bump clap from 4.5.0 to 4.5.1 in /fuzz
Bumps [clap](https://github.com/clap-rs/clap) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.0...clap_complete-v4.5.1)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-22 15:06:08 +00:00
Rob Bradford
84a6da5e93 build: Extend x86-64 GitHub action to AMD runner
Use the matrix to add a build runnind on the AMD variant of the garm
runner.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-22 13:07:32 +00:00
Rob Bradford
6930370a03 tests: Remove download of unused bionic image for aarch64
The bionic image was being downloaded and converted but no test uses
this image any longer.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-22 12:28:40 +00:00
Rob Bradford
89f2a4882e build: Add GitHub action for ARM64 integration tests
Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-22 12:28:40 +00:00
Rob Bradford
307a0166c5 build: Add GitHub action for unit/integration testing
Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-22 12:23:44 +00:00
dependabot[bot]
845bdfb1b2 build: Bump bitflags from 2.4.1 to 2.4.2
Bumps [bitflags](https://github.com/bitflags/bitflags) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/bitflags/bitflags/releases)
- [Changelog](https://github.com/bitflags/bitflags/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bitflags/bitflags/compare/2.4.1...2.4.2)

---
updated-dependencies:
- dependency-name: bitflags
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-20 23:54:02 +00:00
dependabot[bot]
e136d343ab build: Bump anstream from 0.6.11 to 0.6.12 in /fuzz
Bumps [anstream](https://github.com/rust-cli/anstyle) from 0.6.11 to 0.6.12.
- [Commits](https://github.com/rust-cli/anstyle/compare/anstream-v0.6.11...anstream-v0.6.12)

---
updated-dependencies:
- dependency-name: anstream
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-20 23:24:22 +00:00
Jinank Jain
9b722bbcf6 hypervisor: mshv: Don't unregister ioevent in case of SEV-SNP guest
Since we don't register ioevents in case of SEV-SNP guests. Thus, we
should not unregister it as well.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-02-20 06:55:13 -08:00
dependabot[bot]
927df4e643 build: Bump hermit-abi from 0.3.3 to 0.3.6
Bumps [hermit-abi](https://github.com/hermitcore/hermit-rs) from 0.3.3 to 0.3.6.
- [Release notes](https://github.com/hermitcore/hermit-rs/releases)
- [Commits](https://github.com/hermitcore/hermit-rs/compare/hermit-abi-0.3.3...hermit-abi-0.3.6)

---
updated-dependencies:
- dependency-name: hermit-abi
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-20 00:19:46 +00:00
dependabot[bot]
8e46c03453 build: Bump ryu from 1.0.16 to 1.0.17 in /fuzz
Bumps [ryu](https://github.com/dtolnay/ryu) from 1.0.16 to 1.0.17.
- [Release notes](https://github.com/dtolnay/ryu/releases)
- [Commits](https://github.com/dtolnay/ryu/compare/1.0.16...1.0.17)

---
updated-dependencies:
- dependency-name: ryu
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-19 23:26:17 +00:00
Rob Bradford
adb318f4cd misc: Remove redundant "use" imports
With the nightly toolchain (2024-02-18) cargo check will flag up
redundant imports either because they are pulled in by the prelude on
earlier match.

Remove those redundant imports.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-02-19 17:54:30 +00:00
Chris Webb
09f3658999 vmm: Avoid zombie sigwinch_listener processes
When a guest running on a terminal reboots, the sigwinch_listener
subprocess exits and a new one restarts. The parent never wait()s
for children, so the old subprocess remains as a zombie. With further
reboots, more and more zombies build up.

As there are no other children for which we want the exit status,
the easiest fix is to take advantage of the implicit reaping specified
by POSIX when we set the disposition of SIGCHLD to SIG_IGN.

For this to work, we also need to set the correct default exit signal
of SIGCHLD when using clone3() CLONE_CLEAR_SIGHAND. Unlike the fallback
fork() path, clone_args::default() initialises the exit signal to zero,
which results in a child with non-standard reaping behaviour.

Signed-off-by: Chris Webb <chris@arachsys.com>
2024-02-19 17:08:47 +00:00
Stefan Nuernberger
6362b711c6 README: update for direct boot bzImage support
Signed-off-by: Stefan Nuernberger <stefan.nuernberger@cyberus-technology.de>
2024-02-19 17:07:50 +00:00