Commit Graph

4365 Commits

Author SHA1 Message Date
Rob Bradford
34f220edcd main: Don't panic() if blocking signals fails
This allows Cloud Hypervisor to be run under `perf` as some of the
signals will already be blocked in the child process.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-15 16:20:28 +01:00
Sebastien Boeuf
bcdac10149 deps: Bump kvm-bindings to v0.5.0
Update the kvm-bindings dependency so that Cloud Hypervisor now depends
on the version 0.5.0, which is based on Linux kernel v5.13.0. We still
have to rely on a forked version to be able to serialize all the KVM
structures we need.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2021-09-15 16:20:17 +01:00
Rob Bradford
ccda1a004e devices: cmos: Increase robustness of CMOS device
Check sizes of data reads/writes to avoid panics.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-15 09:40:20 +02:00
Rob Bradford
43f0dd6d25 devices: ioapic: Increase robustness of IOAPIC operations
Validate the size of I/O reads and check that no request is made to an
out of bounds index (which would cause a panic.)

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-15 09:40:20 +02:00
Rob Bradford
a77160dca4 devices: acpi: Increase robustness of bus devices
Check the size of data buffer for reading on the ApciPmTimer device to
avoid a potential panic if the guest uses non-DWORD access.

Simplify the zeroring of the buffer for AcpiShutdownDevice.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-15 09:40:20 +02:00
dependabot[bot]
1d78812b63 build: bump serde_json from 1.0.67 to 1.0.68 in /fuzz
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.67 to 1.0.68.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.67...v1.0.68)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-15 00:06:30 +00:00
dependabot[bot]
8836715c2d build: bump serde_json from 1.0.67 to 1.0.68
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.67 to 1.0.68.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.67...v1.0.68)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-15 00:06:23 +00:00
Alyssa Ross
330b5ea3be vmm: notify virtio-console of pty resizes
When a pty is resized (using the TIOCSWINSZ ioctl -- see ioctl_tty(2)),
the kernel will send a SIGWINCH signal to the pty's foreground process
group to notify it of the resize.  This is the only way to be notified
by the kernel of a pty resize.

We can't just make the cloud-hypervisor process's process group the
foreground process group though, because a process can only set the
foreground process group of its controlling terminal, and
cloud-hypervisor's controlling terminal will often be the terminal the
user is running it in.  To work around this, we fork a subprocess in a
new process group, and set its process group to be the foreground
process group of the pty.  The subprocess additionally must be running
in a new session so that it can have a different controlling
terminal.  This subprocess writes a byte to a pipe every time the pty
is resized, and the virtio-console device can listen for this in its
epoll loop.

Alternatives I considered were to have the subprocess just send
SIGWINCH to its parent, and to use an eventfd instead of a pipe.
I decided against the signal approach because re-purposing a signal
that has a very specific meaning (even if this use was only slightly
different to its normal meaning) felt unclean, and because it would
have required using pidfds to avoid race conditions if
cloud-hypervisor had terminated, which added complexity.  I decided
against using an eventfd because using a pipe instead allows the child
to be notified (via poll(2)) when nothing is reading from the pipe any
more, meaning it can be reliably notified of parent death and
terminate itself immediately.

I used clone3(2) instead of fork(2) because without
CLONE_CLEAR_SIGHAND the subprocess would inherit signal-hook's signal
handlers, and there's no other straightforward way to restore all signal
handlers to their defaults in the child process.  The only way to do
it would be to iterate through all possible signals, or maintain a
global list of monitored signals ourselves (vmm:vm::HANDLED_SIGNALS is
insufficient because it doesn't take into account e.g. the SIGSYS
signal handler that catches seccomp violations).

Signed-off-by: Alyssa Ross <hi@alyssa.is>
2021-09-14 15:43:25 +01:00
Alyssa Ross
98bfd1e988 virtio-devices: get tty size from the right tty
Previously, we were always getting the size from stdin, even when the
console was hooked up to a pty.

Signed-off-by: Alyssa Ross <hi@alyssa.is>
2021-09-14 15:43:25 +01:00
Alyssa Ross
28382a1491 virtio-devices: determine tty size in console
This prepares us to be able to handle console resizes in the console
device's epoll loop, which we'll have to do if the output is a pty,
since we won't get SIGWINCH from it.

Signed-off-by: Alyssa Ross <hi@alyssa.is>
2021-09-14 15:43:25 +01:00
dependabot[bot]
68e6a14deb build: bump anyhow from 1.0.43 to 1.0.44 in /fuzz
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.43 to 1.0.44.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.43...1.0.44)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-14 00:54:59 +00:00
dependabot[bot]
f3778a7fc7 build: bump anyhow from 1.0.43 to 1.0.44
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.43 to 1.0.44.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.43...1.0.44)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-14 00:22:00 +00:00
dependabot[bot]
c6a110dd28 build: bump mshv-bindings from b01bbf8 to 0b58354
Bumps [mshv-bindings](https://github.com/rust-vmm/mshv) from `b01bbf8` to `0b58354`.
- [Release notes](https://github.com/rust-vmm/mshv/releases)
- [Commits](b01bbf8f6e...0b5835475c)

---
updated-dependencies:
- dependency-name: mshv-bindings
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-13 23:36:12 +00:00
dependabot[bot]
b0c7df2e59 build: bump vfio-ioctls from a8ee64b to 06be730
Bumps [vfio-ioctls](https://github.com/rust-vmm/vfio-ioctls) from `a8ee64b` to `06be730`.
- [Release notes](https://github.com/rust-vmm/vfio-ioctls/releases)
- [Commits](a8ee64b978...06be730ff1)

---
updated-dependencies:
- dependency-name: vfio-ioctls
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-11 17:43:43 +00:00
dependabot[bot]
1067059c4a build: bump mshv-ioctls from 0d6e4e8 to b01bbf8
Bumps [mshv-ioctls](https://github.com/rust-vmm/mshv) from `0d6e4e8` to `b01bbf8`.
- [Release notes](https://github.com/rust-vmm/mshv/releases)
- [Commits](0d6e4e82b9...b01bbf8f6e)

---
updated-dependencies:
- dependency-name: mshv-ioctls
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-11 17:14:05 +00:00
Alyssa Ross
8abe8c679b seccomp: allow mmap everywhere brk is allowed
Musl often uses mmap to allocate memory where Glibc would use brk.
This has caused seccomp violations for me on the API and signal
handling threads.

Signed-off-by: Alyssa Ross <hi@alyssa.is>
2021-09-10 12:01:31 -07:00
Rob Bradford
b6b686c71c vmm: Shutdown VMM if API thread panics
See: #3031

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-10 10:52:08 -07:00
Rob Bradford
171d12943d vmm: memory_manager: Increase robustness of MemoryManager control device
See: #1289

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-10 10:23:19 -07:00
Rob Bradford
bdc44cd8bc vmm: cpu: Increase robustness of CpuManager control device
See: #1289

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-10 10:22:05 -07:00
Rob Bradford
33a55bac0f virtio-devices: seccomp: Split out common seccomp rules
As well as reducing the amount of code this also improves the binary
size slightly:

cargo bloat --release -n 2000 --bin cloud-hypervisor | grep virtio_devices::seccomp_filters::get_seccomp_rules

Before:
 0.1%   0.2%   7.8KiB       virtio_devices virtio_devices::seccomp_filters::get_seccomp_rules
After:
 0.0%   0.1%   3.0KiB       virtio_devices virtio_devices::seccomp_filters::get_seccomp_rules

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-10 10:11:12 -07:00
Rob Bradford
82ace6e327 build: Update version of toolchain in container
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-10 10:10:11 -07:00
Bo Chen
2e56f0df77 ci: Rustify ovs-dpdk setup and cleanup
Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-09-10 07:41:15 +01:00
Bo Chen
a181b77bc8 ci: Add integration test for live migration with OVS-DPDK
Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-09-10 07:41:15 +01:00
Bo Chen
9023412e31 tests: Refactor test_ovs_dpdk
This patch adds a separate function to launch two guest VMs and ensure
they are connected through ovs-dpdk, so that we can reuse this function
in other tests, e.g. the test for live-migration with ovs-dpdk.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-09-10 07:41:15 +01:00
Rob Bradford
977a893d86 .github: Add aarch64 cross build to release
Fixes: #3099

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-09 15:10:10 +01:00
Rob Bradford
2c4f8d2218 build: Release v18.0
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-09 14:16:14 +01:00
Bo Chen
4f37a273d9 vmm: Fix clippy issue
error: all if blocks contain the same code at the end
   --> vmm/src/memory_manager.rs:884:9
    |
884 | /             Ok(mm)
885 | |         }
    | |_________^

Signed-off-by: Bo Chen <chen.bo@intel.com>
2021-09-08 13:31:19 -07:00
Rob Bradford
d64a77a5c6 vmm: Shutdown VMM if signal thread panics
See: #3031

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-08 11:26:48 -07:00
Rob Bradford
e0d05683ab vmm: Split up functions for creating signal handler and tty setup
These are quite separate and should be in their own functions.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-08 11:26:48 -07:00
Rob Bradford
387753ae1d vmm: Remove concept of "input_enabled"
This concept ends up being broken with multiple types on input connected
e.g. console on TTY and serial on PTY. Already the code for checking for
injecting into the serial device checks that the serial is configured.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-08 11:26:48 -07:00
Rob Bradford
951ad3495e vmm: Only resize virtio-console when attached to TTY
Fixes: #3092

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-08 11:26:48 -07:00
Rob Bradford
0dbb2683e3 vmm: Consolidate duplicated code for setting up signal handler
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-08 11:26:48 -07:00
Jianyong Wu
579710d3e0 tests: Enable some virtio-pmem test for Arm64
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
2021-09-08 09:40:48 +01:00
Henry Wang
4d8a73735b tests: Enable Arm64 user defined mem regions test
Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2021-09-08 09:40:48 +01:00
Rob Bradford
687d646c60 virtio-devices, vmm: Shutdown VMM on virtio thread panic
Shutdown the VMM in the virtio (or VMM side of vhost-user) thread
panics.

See: #3031

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-08 09:40:36 +01:00
Rob Bradford
54e523c302 virtio-devices: Use a common method for spawning virtio threads
Introduce a common solution for spawning the virtio threads which will
make it easier to add the panic handling.

During this effort I discovered that there were no seccomp filters
registered for the vhost-user-net thread nor the vhost-user-block
thread. This change also incorporates basic seccomp filters for those as
part of the refactoring.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2021-09-08 09:40:36 +01:00
Wei Liu
4737679661 github: also build mshv enabled binaries
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2021-09-07 16:09:36 +01:00
Wei Liu
9c5b404415 vmm: MSHV now supports VFIO-based device passthrough
Drop a few feature gates and adjust code a bit.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2021-09-07 15:17:08 +01:00
Wei Liu
6e9d3eccd6 hypervisor: implement devicefd management for MSHV
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2021-09-07 15:17:08 +01:00
Wei Liu
10b954e954 build: use vfio-ioctls that supports MSHV
Disable default features and propagate hypervisor selection where
necessary.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2021-09-07 15:17:08 +01:00
dependabot[bot]
e4abf2ce6c build: bump vm-fdt from 720e48e to 06cbff3
Bumps [vm-fdt](https://github.com/rust-vmm/vm-fdt) from `720e48e` to `06cbff3`.
- [Release notes](https://github.com/rust-vmm/vm-fdt/releases)
- [Commits](720e48e435...06cbff3a02)

---
updated-dependencies:
- dependency-name: vm-fdt
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-07 09:41:02 +00:00
dependabot[bot]
ad07a275c5 build: bump thiserror from 1.0.28 to 1.0.29 in /fuzz
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.28 to 1.0.29.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.28...1.0.29)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-07 08:36:08 +00:00
dependabot[bot]
a20041ba68 build: bump thiserror from 1.0.28 to 1.0.29
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.28 to 1.0.29.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.28...1.0.29)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-07 08:35:50 +00:00
Henry Wang
eed0c927fd scripts: AArch64: Add missing tests in sequential mod
Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2021-09-07 09:35:06 +01:00
Henry Wang
fb5cbd966e scripts: AArch64: Run test cases for split modules
Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2021-09-07 09:35:06 +01:00
Henry Wang
25798a97b3 tests: Restructure AArch64 tests
Currently we need to test both device tree and ACPI on AArch64. As
the number of ACPI test cases is gradually increasing and expected
to increase in the future, it is better to extract all ACPI test
cases on AArch64 to a single module.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2021-09-07 09:35:06 +01:00
Jianyong Wu
2752b07762 enable virtio-mem test for arm64
virtio-mem has enabled on arm64. let's test it.

Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
2021-09-07 09:34:22 +01:00
Jianyong Wu
a2e72774a9 bump kernel version to 5.14 for arm
Bump kernel version and update kernel config file accordingly.
Especially, enable virtio-mem and MEMORY_HOTPLUG_DEFAULT_ONLINE here.

Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
2021-09-07 09:34:22 +01:00
dependabot[bot]
584d5c5596 build: bump vm-fdt from fbf4f7f to 720e48e
Bumps [vm-fdt](https://github.com/rust-vmm/vm-fdt) from `fbf4f7f` to `720e48e`.
- [Release notes](https://github.com/rust-vmm/vm-fdt/releases)
- [Commits](fbf4f7f054...720e48e435)

---
updated-dependencies:
- dependency-name: vm-fdt
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-04 15:57:21 +00:00
dependabot[bot]
828dbd5227 build: bump micro_http from c1a38b5 to 36e59a0
Bumps [micro_http](https://github.com/firecracker-microvm/micro-http) from `c1a38b5` to `36e59a0`.
- [Release notes](https://github.com/firecracker-microvm/micro-http/releases)
- [Commits](c1a38b507c...36e59a083e)

---
updated-dependencies:
- dependency-name: micro_http
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-04 15:12:01 +00:00