Commit Graph

6731 Commits

Author SHA1 Message Date
dependabot[bot]
2f855c9a67 build: Bump cc from 1.0.77 to 1.0.78
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.0.77 to 1.0.78.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Commits](https://github.com/rust-lang/cc-rs/compare/1.0.77...1.0.78)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-16 00:04:51 +00:00
dependabot[bot]
b7e7455b49 build: Bump cc from 1.0.77 to 1.0.78 in /fuzz
Bumps [cc](https://github.com/rust-lang/cc-rs) from 1.0.77 to 1.0.78.
- [Release notes](https://github.com/rust-lang/cc-rs/releases)
- [Commits](https://github.com/rust-lang/cc-rs/compare/1.0.77...1.0.78)

---
updated-dependencies:
- dependency-name: cc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-15 23:23:12 +00:00
Rob Bradford
795f2a5558 vmm: memory_manager: Mark guest memory mappings as non-dumpable
Including the guest RAM (or other mapped memory) in a coredump is not
useful.

See: #5014

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-15 20:36:40 +01:00
dependabot[bot]
2b92a2778b build: Bump linux-raw-sys from 0.1.3 to 0.1.4
Bumps [linux-raw-sys](https://github.com/sunfishcode/linux-raw-sys) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/sunfishcode/linux-raw-sys/releases)
- [Commits](https://github.com/sunfishcode/linux-raw-sys/compare/v0.1.3...v0.1.4)

---
updated-dependencies:
- dependency-name: linux-raw-sys
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 23:43:43 +00:00
Rob Bradford
cbe988d33e .build: Add .vscode to .gitignore
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-14 14:27:32 +00:00
Rob Bradford
5e52729453 misc: Automatically fix cargo clippy issues added in 1.65 (stable)
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-14 14:27:19 +00:00
Rob Bradford
8b59316718 build: Temporarily disable bare metal x86-64 workers
These machines are unreachable.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-14 10:47:15 +00:00
dependabot[bot]
6e8972372e build: Bump linux-raw-sys from 0.1.3 to 0.1.4 in /fuzz
Bumps [linux-raw-sys](https://github.com/sunfishcode/linux-raw-sys) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/sunfishcode/linux-raw-sys/releases)
- [Commits](https://github.com/sunfishcode/linux-raw-sys/compare/v0.1.3...v0.1.4)

---
updated-dependencies:
- dependency-name: linux-raw-sys
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 10:28:13 +01:00
dependabot[bot]
748ba1f50d build: Bump paste from 1.0.9 to 1.0.10
Bumps [paste](https://github.com/dtolnay/paste) from 1.0.9 to 1.0.10.
- [Release notes](https://github.com/dtolnay/paste/releases)
- [Commits](https://github.com/dtolnay/paste/compare/1.0.9...1.0.10)

---
updated-dependencies:
- dependency-name: paste
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 10:28:05 +01:00
Rob Bradford
a48d7c281e vmm: seccomp: Remove unreachable patterns
Make HypervisorType enum's members conditional on build time features.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-13 18:10:42 +00:00
Rob Bradford
aea1f7743b devices: Remove unnecessary clippy directives
Clippy passes fine without these and remove some genuinely unused code.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-13 18:10:42 +00:00
Rob Bradford
ab8e559343 block_util: Use anonymous case to handle ioctl signature difference
Between musl and glibc there is a difference in the signature of the
ioctl libc function. Use an anonymous cast to force the type coversion.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-13 18:10:42 +00:00
Rob Bradford
1b314cff5b acpi_tables: sdt: Implement Std::is_empty()
This allows the removal of [allow(clippy::len_without_is_empty)]

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-13 18:10:42 +00:00
Claudio Fontana
683d116416 docs: update UEFI.md to reference upstream tianocore EDK2 repository
after testing the build briefly, it seems upstream tianocore EDK2 works fine,
no need for the separate cloud-hypervisor edk2 repo.

Signed-off-by: Claudio Fontana <claudio.fontana@gmail.com>
2022-12-13 18:16:34 +01:00
Henry Wang
b93d50582d docs: Consolidate AArch64 guest booting doc into README
Take the opportunity to fix a bug in the `Booting the guest VM` doc
in README.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2022-12-13 13:38:11 +00:00
Henry Wang
de4cd49c6d docs: Consolidate AArch64 kernel building doc into README
Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2022-12-13 13:38:11 +00:00
Henry Wang
709545920e docs: Consolidate AArch64 cloud-img related doc into README
Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2022-12-13 13:38:11 +00:00
Henry Wang
2b11966faa docs: Consolidate AArch64 UEFI doc into uefi.md
Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2022-12-13 13:38:11 +00:00
Henry Wang
6835dfa5e9 docs: Consolidate building on AArch64 to building.md
Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2022-12-13 13:38:11 +00:00
Henry Wang
d15e1f1a13 docs: Move AArch64 hardware requirements to README
Also drop the SWAP enabling requirements for AArch64 because this
is an AArch64 specific issue.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2022-12-13 13:38:11 +00:00
dependabot[bot]
8ab15b9a98 build: Bump serde from 1.0.149 to 1.0.150
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.149 to 1.0.150.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.149...v1.0.150)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-13 00:08:23 +00:00
dependabot[bot]
287ec367d6 build: Bump serde from 1.0.149 to 1.0.150 in /fuzz
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.149 to 1.0.150.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.149...v1.0.150)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-12 23:27:28 +00:00
Rob Bradford
9fb0274479 vmm: Deprecate MemoryZoneConfig::file
Remove from the documentation and API definition but continue support
using the field (with a deprecation warning.)

See: #4837

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-12 16:44:04 +00:00
Bo Chen
51307dd509 fuzz: Add fuzzer for 'linux loader' cmdline
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-12-12 13:50:28 +00:00
Bo Chen
de06bf4aed vmm: Make "Vm::generate_cmdline()" public for fuzzing
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-12-12 13:50:28 +00:00
Bo Chen
32ded2c72b fuzz: Add fuzzer for 'linux loader'
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-12-12 13:50:28 +00:00
Sebastien Boeuf
8ecce8876e tests: Disable live upgrade testing
Since the refactoring of the vm-migration crate broke the backward
compatibility, we must disable the live upgrade tests until next
release.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-09 10:26:06 +01:00
Sebastien Boeuf
3931b99d4e vm-migration: Introduce new constructor for Snapshot
This simplifies the Snapshot creation as we expect a SnapshotData to be
provided most of the time.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-09 10:26:06 +01:00
Sebastien Boeuf
4ae6b595d7 vm-migration: Rename add_data_section() into add_data()
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-09 10:26:06 +01:00
Sebastien Boeuf
748018ace3 vm-migration: Don't store the id as part of Snapshot structure
The information about the identifier related to a Snapshot is only
relevant from the BTreeMap perspective, which is why we can get rid of
the duplicated identifier in every Snapshot structure.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-09 10:26:06 +01:00
Sebastien Boeuf
426ee39972 vm-migration: Simplify SnapshotData implementation
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-09 10:26:06 +01:00
Sebastien Boeuf
1d1043316b vm-migration: Don't store snapshots through a Box
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-09 10:26:06 +01:00
Sebastien Boeuf
4517b76a23 vm-migration: Rename SnapshotDataSection into SnapshotData
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-09 10:26:06 +01:00
Sebastien Boeuf
1b32e2f8b2 vm-migration: Simplify SnapshotDataSection structure
Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-09 10:26:06 +01:00
Sebastien Boeuf
5b3bcfa233 vm-migration: Snapshot should have a unique SnapshotDataSection
There's no reason to carry a HashMap of SnapshotDataSection per
Snapshot. And given we now provide at most one SnapshotDataSection per
Snapshot, there's no need to keep the id part of the SnapshotDataSection
structure.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-09 10:26:06 +01:00
Sebastien Boeuf
0489b6314e tdx: Support new way of declaring memory resources
Without breaking the former way of declaring them. This is simply based
on the presence of the GUID TDX Metadata offset. If not present, we
consider the firmware is quite old and therefore we fallback onto the
previous way to expose memory resources.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-08 10:13:12 -08:00
Rob Bradford
2c367bdde8 misc: Bulk update dependencies
In particular update to latest linux-loader release and point to latest
vfio repository for both crates hosted there.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-07 18:24:58 +00:00
Sebastien Boeuf
4f3f36fe5f tdx: Add support for new method of TDVF descriptor discovery
The preferred way of retrieving the offset where to find the TDVF
descriptor structure is by going through a table of GUIDs that can be
found at a specific offset in the firmware file. If the expected GUIDs
can't be found, we can fallback onto the former way, which is to read
directly the value at a specific offset in the file.

This patch implements the new mechanism without breaking compatibility
for older firmwares as it keeps supporting the previous mechanism.

As a reference, here is the documentation from the EDK2 code, and
particularly from the OvmfPkg/ResetVector/Ia16/ResetVectorVtf0.asm file:

```
GUIDed structure.  To traverse this you should first verify the
presence of the table footer guid
(96b582de-1fb2-45f7-baea-a366c55a082d) at 0xffffffd0.  If that
is found, the two bytes at 0xffffffce are the entire table length.

The table is composed of structures with the form:

Data (arbitrary bytes identified by guid)
length from start of data to end of guid (2 bytes)
guid (16 bytes)

so work back from the footer using the length to traverse until you
either find the guid you're looking for or run off the beginning of
the table.
```

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-07 17:55:54 +00:00
Rob Bradford
4b08142117 misc: Remove #![allow(clippy::significant_drop_in_scrutinee)]
This isn't supported by clippy on Rust 1.60 but also no longer seems to
be required.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-07 17:50:48 +00:00
Rob Bradford
b3e3a5fdd7 vmm: Fix clippy on musl toolchains
The datatype used for the ioctl() C library call is different between it
and the glibc toolchains. The easiest solution is to have the compiler
type cast to type of the parameter.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-07 17:50:48 +00:00
Rob Bradford
a1c6ef8385 .github: Add musl variants to quality (clippy) checks
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-07 17:50:48 +00:00
dependabot[bot]
16d0906dfd build: Bump mshv-ioctls from 0983996 to 10d0c52
Bumps [mshv-ioctls](https://github.com/rust-vmm/mshv) from `0983996` to `10d0c52`.
- [Release notes](https://github.com/rust-vmm/mshv/releases)
- [Commits](098399606d...10d0c5208c)

---
updated-dependencies:
- dependency-name: mshv-ioctls
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-06 23:44:44 +00:00
dependabot[bot]
3e9ce6012c build: Bump rustix from 0.36.4 to 0.36.5 in /fuzz
Bumps [rustix](https://github.com/bytecodealliance/rustix) from 0.36.4 to 0.36.5.
- [Release notes](https://github.com/bytecodealliance/rustix/releases)
- [Commits](https://github.com/bytecodealliance/rustix/compare/v0.36.4...v0.36.5)

---
updated-dependencies:
- dependency-name: rustix
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-06 23:21:09 +00:00
Shuaiyi Zhang
389264351e ch-remote: Add support for vmm.shutdown
Signed-off-by: Shuaiyi Zhang <zhangsy28@lenovo.com>
2022-12-06 13:21:55 -08:00
Rob Bradford
00becda899 README: Use consistent path to cloud-hypervisor binary
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-06 17:30:34 +00:00
dependabot[bot]
fe5bde236a build: Bump libc from 0.2.137 to 0.2.138
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.137 to 0.2.138.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.137...0.2.138)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-06 00:10:07 +00:00
dependabot[bot]
80cc2b6ef8 build: Bump libc from 0.2.137 to 0.2.138 in /fuzz
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.137 to 0.2.138.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.137...0.2.138)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-05 23:25:56 +00:00
Rob Bradford
c37dadcc9a .github: Enable "guest_debug" clippy on aarch64
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-05 17:23:52 +00:00
Rob Bradford
cefbf6b4a3 vmm: guest_debug: Mark coredump functionality x86_64 only
The coredump functionality is only implemented for x86_64 so it should
only be compiled in there.

Fixes: #4964

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-12-05 17:23:52 +00:00
Sebastien Boeuf
31209474b3 vmm: Move TDX initialization before vCPUs creation
TDX was broken by the recent refactoring moving the vCPU creation
earlier than before. The simple and correct way to fix this problem is
by moving the TDX initialization right before the vCPUs creation. The
rest of the TDX setup can remain where it is.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-12-05 07:49:40 -08:00