Commit Graph

6746 Commits

Author SHA1 Message Date
Rob Bradford
c22c4675b3 arch, hypervisor: Populate CPUID leaf 0x4000_0010 (TSC frequency)
This hypervisor leaf includes details of the TSC frequency if that is
available from KVM. This can be used to efficiently calculate time
passed when there is an invariant TSC.

TEST=Run `cpuid` in the guest and observe the frequency populated.

Fixes: #5178

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2023-02-09 18:32:21 +01:00
Rob Bradford
7ccf58a019 Revert "build: Temporarily disable bare metal x86-64 workers"
This reverts commit 496f932276.

The systems are back online and reachable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2023-02-09 16:30:07 +01:00
dependabot[bot]
48e1af7d3c build: Bump fdt from 0.1.4 to 0.1.5 in /fuzz
Bumps [fdt](https://github.com/repnop/fdt) from 0.1.4 to 0.1.5.
- [Release notes](https://github.com/repnop/fdt/releases)
- [Commits](https://github.com/repnop/fdt/commits)

---
updated-dependencies:
- dependency-name: fdt
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-08 23:20:11 +00:00
dependabot[bot]
341a69c39c build: Bump openssl-src from 111.24.0+1.1.1s to 111.25.0+1.1.1t
Bumps [openssl-src](https://github.com/alexcrichton/openssl-src-rs) from 111.24.0+1.1.1s to 111.25.0+1.1.1t.
- [Release notes](https://github.com/alexcrichton/openssl-src-rs/releases)
- [Commits](https://github.com/alexcrichton/openssl-src-rs/commits)

---
updated-dependencies:
- dependency-name: openssl-src
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-08 23:09:51 +00:00
dependabot[bot]
5d34d85b92 build: Bump darling from 0.14.2 to 0.14.3
Bumps [darling](https://github.com/TedDriggs/darling) from 0.14.2 to 0.14.3.
- [Release notes](https://github.com/TedDriggs/darling/releases)
- [Changelog](https://github.com/TedDriggs/darling/blob/master/CHANGELOG.md)
- [Commits](https://github.com/TedDriggs/darling/compare/v0.14.2...v0.14.3)

---
updated-dependencies:
- dependency-name: darling
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-07 23:40:55 +00:00
dependabot[bot]
bcd46906ec build: Bump serde_json from 1.0.91 to 1.0.92 in /fuzz
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.91 to 1.0.92.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.91...v1.0.92)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-07 23:17:44 +00:00
Bo Chen
bc59ca72f3 docs: Update the intel_tdx documentation
Updates include:
- Add references to 'TDX Tools'
- Expand instructions on buidling and using TDShim
- Add version information of guest/host kernel, TDVF, TDShim being tested

Signed-off-by: Bo Chen <chen.bo@intel.com>
2023-02-07 06:30:38 -08:00
dependabot[bot]
995945dd25 build: Bump rustix from 0.36.7 to 0.36.8
Bumps [rustix](https://github.com/bytecodealliance/rustix) from 0.36.7 to 0.36.8.
- [Release notes](https://github.com/bytecodealliance/rustix/releases)
- [Commits](https://github.com/bytecodealliance/rustix/compare/v0.36.7...v0.36.8)

---
updated-dependencies:
- dependency-name: rustix
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 23:42:06 +00:00
dependabot[bot]
8edd81ec82 build: Bump darling from 0.14.2 to 0.14.3 in /fuzz
Bumps [darling](https://github.com/TedDriggs/darling) from 0.14.2 to 0.14.3.
- [Release notes](https://github.com/TedDriggs/darling/releases)
- [Changelog](https://github.com/TedDriggs/darling/blob/master/CHANGELOG.md)
- [Commits](https://github.com/TedDriggs/darling/compare/v0.14.2...v0.14.3)

---
updated-dependencies:
- dependency-name: darling
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 23:21:38 +00:00
dependabot[bot]
726cfa41f4 build: Bump pnet and pnet_datalink from 0.31.0 to 0.33.0
Bumps [pnet](https://github.com/libpnet/libpnet) from 0.31.0 to 0.33.0.
- [Release notes](https://github.com/libpnet/libpnet/releases)
- [Commits](https://github.com/libpnet/libpnet/compare/v0.31.0...v0.33.0)

---
updated-dependencies:
- dependency-name: pnet
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: Bo Chen <chen.bo@intel.com>
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 19:26:36 +00:00
dependabot[bot]
d19a5d5356 build: Bump mshv-bindings from 48b389a to 0b2af25
Bumps [mshv-bindings](https://github.com/rust-vmm/mshv) from `48b389a` to `0b2af25`.
- [Release notes](https://github.com/rust-vmm/mshv/releases)
- [Commits](48b389af1f...0b2af25128)

---
updated-dependencies:
- dependency-name: mshv-bindings
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-02 23:42:08 +00:00
Rob Bradford
69e8f60b91 tdx: Set the SEPT_VE_DISABLE attribute
This is required for booting Linux:

From: https://lore.kernel.org/all/20221028141220.29217-3-kirill.shutemov@linux.intel.com/

"""

Virtualization Exceptions (#VE) are delivered to TDX guests due to
specific guest actions such as using specific instructions or accessing
a specific MSR.

Notable reason for #VE is access to specific guest physical addresses.
It requires special security considerations as it is not fully in
control of the guest kernel. VMM can remove a page from EPT page table
and trigger #VE on access.

The primary use-case for #VE on a memory access is MMIO: VMM removes
page from EPT to trigger exception in the guest which allows guest to
emulate MMIO with hypercalls.

MMIO only happens on shared memory. All conventional kernel memory is
private. This includes everything from kernel stacks to kernel text.

Handling exceptions on arbitrary accesses to kernel memory is
essentially impossible as handling #VE may require access to memory
that also triggers the exception.

TDX module provides mechanism to disable #VE delivery on access to
private memory. If SEPT_VE_DISABLE TD attribute is set, private EPT
violation will not be reflected to the guest as #VE, but will trigger
exit to VMM.

Make sure the attribute is set by VMM. Panic otherwise.

There's small window during the boot before the check where kernel has
early #VE handler. But the handler is only for port I/O and panic as
soon as it sees any other #VE reason.

SEPT_VE_DISABLE makes SEPT violation unrecoverable and terminating the
TD is the only option.

Kernel has no legitimate use-cases for #VE on private memory. It is
either a guest kernel bug (like access of unaccepted memory) or
malicious/buggy VMM that removes guest page that is still in use.

In both cases terminating TD is the right thing to do.

"""

With this change Cloud Hypervisor can boot the current Linux guest
kernel.

Reported-By: Jiaqi Gao <jiaqi.gao@intel.com
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2023-02-02 14:53:59 +00:00
dependabot[bot]
c6eb69caba build: Bump miniz_oxide from 0.6.2 to 0.6.4
Bumps [miniz_oxide](https://github.com/Frommi/miniz_oxide) from 0.6.2 to 0.6.4.
- [Release notes](https://github.com/Frommi/miniz_oxide/releases)
- [Changelog](https://github.com/Frommi/miniz_oxide/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Frommi/miniz_oxide/compare/0.6.2...0.6.4)

---
updated-dependencies:
- dependency-name: miniz_oxide
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-01 23:44:16 +00:00
dependabot[bot]
e4ed9bc557 build: Bump uuid from 1.2.2 to 1.3.0 in /fuzz
Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.2.2 to 1.3.0.
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.2.2...1.3.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-01 23:27:32 +00:00
dependabot[bot]
f4509c3611 build: Bump kvm-ioctls from 0.12.0 to 0.13.0
Bumps [kvm-ioctls](https://github.com/rust-vmm/kvm-ioctls) from 0.12.0 to 0.13.0.
- [Release notes](https://github.com/rust-vmm/kvm-ioctls/releases)
- [Changelog](https://github.com/rust-vmm/kvm-ioctls/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-vmm/kvm-ioctls/commits)

---
updated-dependencies:
- dependency-name: kvm-ioctls
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2023-02-01 12:23:00 +00:00
Bo Chen
ecbb8ab282 docs: Add @likebreath to MAINTAINERS.md
Signed-off-by: Bo Chen <chen.bo@intel.com>
2023-02-01 12:19:07 +00:00
Wei Liu
29ebecccb0 tpm: be more consistent when converting responses
Do the following:

1. Use from_be_bytes to drop mutable slices.
2. Check for the exact buffer size throughout.
3. Simplify ptm_to_request where possible.
4. Make error messages style consistent.

Fix a typo in code comment while at it.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-31 18:09:28 +00:00
Wei Liu
5646a917ff tpm: handle short write
There is no guarantee that the write can send the whole buffer at once.

In those rare occasions, we should return a sensible error.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-31 18:09:28 +00:00
Wei Liu
6e22f23831 tpm: save almost 8KB stack space
The largest possible PTM response is only 16 bytes. Size the output
buffer correctly.

In the socket read function, rely on the caller to provide a
sufficiently large buffer. That eliminates another large stack variable.

In total this saves almost 8KB stack space.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-31 18:09:28 +00:00
Wei Liu
8e996ff2fe tpm: drop unnecessary cast
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-31 18:09:28 +00:00
Wei Liu
2d2f356d94 devices: tpm: failure to deliver request is considered fatal
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-31 18:09:18 +00:00
dependabot[bot]
938c16f2b2 build: Bump cc from 1.0.78 to 1.0.79
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.0.78 to 1.0.79.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Commits](https://github.com/rust-lang/cc-rs/compare/1.0.78...1.0.79)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-31 13:51:07 +00:00
dependabot[bot]
105a7dd7aa build: Bump cc from 1.0.78 to 1.0.79 in /fuzz
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.0.78 to 1.0.79.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Commits](https://github.com/rust-lang/cc-rs/compare/1.0.78...1.0.79)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-30 23:21:59 +00:00
Wei Liu
11ef495e6b performance-metrics: share build.rs from project root
No need to duplicate the same content in two places.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-30 21:10:02 +00:00
Wei Liu
34b3170680 vmm: fix two typos
Change "thead" to "thread".

Also make sure the two messages are distinguishable by adding "vmm" and
"vm" prefix.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-30 21:10:02 +00:00
Wei Liu
427a2bacf5 block_util: convert aligned_operations to SmallVec
The number of aligned operations can not be larger than the number of
descriptors. Initializing the capacity to 1 is good enough per the
observation that most of time there is only one data descriptor in a
given request.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-30 08:13:40 +00:00
Wei Liu
1325c76525 block_util: use SmallVec in async adaptor
Also fix a comment while at it.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-30 08:13:40 +00:00
Michael Zhao
4a51a6615f arch: Fix AArch64 socket setting in CPU topology
Before Linux v6.0, AArch64 didn't support "socket" in "cpu-map"
(CPU topology) of FDT.

We found that clusters can be used in the same way of sockets. That is
the way we implemented the socket settings in Cloud Hypervisor. But in
fact it was a bug.

Linux commit 26a2b7 fixed the mistake. So the cluster nodes can no
longer act as sockets. And in a following commit dea8c0, sockets were
supported.

This patch fixed the way to configure sockets. In each socket, a default
cluster was added to contain all the cores, because cluster layer is
mandatory in CPU topology on AArch64.

This fix will break the socket settings on the guests where the kernel
version is lower than v6.0. In that case, if socket number is set to
more than 1, the kernel will treat that as FDT mistake and all the CPUs
will be put in single cluster of single socket.

The patch only impacts the case of using FDT, not ACPI.

Signed-off-by: Michael Zhao <michael.zhao@arm.com>
2023-01-30 08:12:56 +00:00
Rob Bradford
d5ce855649 misc: Update reference kernel to 6.1.6
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2023-01-30 08:12:56 +00:00
Bo Chen
496f932276 build: Temporarily disable bare metal x86-64 workers
These machines are unreachable.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2023-01-28 09:27:27 +00:00
dependabot[bot]
c33efe294a build: Bump micro_http from fbef706 to b538bf8
Bumps [micro_http](https://github.com/firecracker-microvm/micro-http) from `fbef706` to `b538bf8`.
- [Release notes](https://github.com/firecracker-microvm/micro-http/releases)
- [Commits](fbef706e28...b538bf89e5)

---
updated-dependencies:
- dependency-name: micro_http
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-27 23:59:35 +00:00
dependabot[bot]
2d022d0c85 build: Bump micro_http from fbef706 to b538bf8 in /fuzz
Bumps [micro_http](https://github.com/firecracker-microvm/micro-http) from `fbef706` to `b538bf8`.
- [Release notes](https://github.com/firecracker-microvm/micro-http/releases)
- [Commits](fbef706e28...b538bf89e5)

---
updated-dependencies:
- dependency-name: micro_http
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-27 23:19:16 +00:00
Praveen K Paladugu
5b31b19530 tests: enable tpm tests for mshv
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2023-01-27 21:14:38 +00:00
Praveen K Paladugu
ad202f9b7a hypervisor: x86: emulate MOVSB
Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>
2023-01-27 21:14:38 +00:00
Wei Liu
3a225aaa23 hypervisor: x86: emulate MOVSW
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-27 21:14:38 +00:00
Wei Liu
1bfa07f48e hypervisor: x86: use a macro to generate emulate function for movs
No functional change.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-27 21:14:38 +00:00
Ravi kumar Veeramally
8e682bcb00 scripts: Avoid warning from mkdosfs command
Fix lowercase label to avoid "mkfs.fat: Warning: lowercase labels
might not work properly on some systems".

Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@intel.com>
2023-01-27 08:12:38 -08:00
Bo Chen
1ee2922dbc Jenkinsfile: Enforce global execution timeout
This patch adds a global execution timeout to the Jenkinsfile to avoid
infinite pending Jenkins pipelines, such as when certain worker nodes
are not available. The global execution timeout is now set to 4 hours
which is derived from total timeout of our longest stage (e.g. the
`Worker build`).

Fixes: #5148

Signed-off-by: Bo Chen <chen.bo@intel.com>
2023-01-27 08:04:40 +00:00
dependabot[bot]
2ce503f457 build: Bump libfuzzer-sys from 0.4.5 to 0.4.6 in /fuzz
Bumps [libfuzzer-sys](https://github.com/rust-fuzz/libfuzzer) from 0.4.5 to 0.4.6.
- [Release notes](https://github.com/rust-fuzz/libfuzzer/releases)
- [Changelog](https://github.com/rust-fuzz/libfuzzer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-fuzz/libfuzzer/compare/0.4.5...0.4.6)

---
updated-dependencies:
- dependency-name: libfuzzer-sys
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-26 23:17:41 +00:00
Bo Chen
574576c8e9 misc: Automatically fix cargo clippy issues added in 1.68 (beta)
Signed-off-by: Bo Chen <chen.bo@intel.com>
2023-01-26 08:58:37 -08:00
Ravi kumar Veeramally
aaf67c9ae4 doc: Add musl-tools to instructions for build
As a first time user of cloud-hypervisor and Rust environment
you get build errors with out this.

Signed-off-by: Ravi kumar Veeramally <ravikumar.veeramally@intel.com>
2023-01-26 08:09:46 -08:00
Rob Bradford
8b9da4e286 build: Bump MSRV to 1.62
Needed for #[derive(Default)] on enums which is now clippy checked in
1.68.

Fixes: #5140

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2023-01-26 13:05:23 +00:00
dependabot[bot]
271f11d9ec build: Bump ssh2 from 0.9.3 to 0.9.4
Bumps [ssh2](https://github.com/alexcrichton/ssh2-rs) from 0.9.3 to 0.9.4.
- [Release notes](https://github.com/alexcrichton/ssh2-rs/releases)
- [Commits](https://github.com/alexcrichton/ssh2-rs/compare/0.9.3...0.9.4)

---
updated-dependencies:
- dependency-name: ssh2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-26 07:59:11 +00:00
Muminul Islam
e436b382cc scripts: check if /dev/{mshv,kvm} exists before test run
Right now integration test fails during the test run if
/dev/mshv or /dev/kvm does not exist. We should not
progress and exit early if not present.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2023-01-26 07:58:13 +00:00
Wei Liu
1ce1fe7334 tpm: rework set_buffer_size
Make the code more idiomatic by wrapping the actual size configured in
the returning Result type. This further allows simplifying
get_buffer_size.

The debug message in startup_tpm is more useful if it prints out the
actual size than the wanted size.

No functional change.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-26 07:57:48 +00:00
Wei Liu
73af65f417 tpm: drop unused fields in BackendCmd struct
They are never used.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-26 07:57:48 +00:00
Wei Liu
cffde0ff65 devices: avoid unnecessary allocations in TPM code
Use the data buffer in the TPM device directly.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-26 07:57:48 +00:00
Wei Liu
e41b7d90d5 tpm: drop cmd from Emulator struct
The command is not done asynchronously. And there is no way to propagate
this error anywhere.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-26 07:57:48 +00:00
Wei Liu
60425471dd tpm: get_buffer_size always succeeds
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-26 07:57:48 +00:00
Wei Liu
2b76e1d7ba devices: simplify TPM handling
The error is never propagated anywhere. Drop it.

Avoid unwrapping unconditionally.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2023-01-26 07:57:48 +00:00