5341 Commits

Author SHA1 Message Date
Bo Chen
eed2a0d06b vmm: Add 'libc::SYS_shutdown' to vmm 'seccomp' filter list
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-03-31 09:22:07 +01:00
Bo Chen
d49363a5af tests: Enable guest console log for test_vfio_user
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-03-31 09:22:07 +01:00
Bo Chen
0e2cb9fd06 tests: Move to use Jammy guest image for test_vfio_user
Fixes: #3495

Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-03-31 09:22:07 +01:00
Bo Chen
661e5eb084 scripts: Use the same spdk version from dev container for aarch64
Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-03-31 09:22:07 +01:00
Bo Chen
cec035c6e0 tests: Increase timeout after vfio-user device hotplug
As reported by the periodic CI runs, it may take more time for the NVMe
device to present in the guest after being hotplugged as a VFIO user
device on `aarch64` (especially under high load). Let's increase the
timeout after device hotplug from `1s` to `10s` to increase the test
stability.

Fixes: #3495

Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-03-31 09:22:07 +01:00
Bo Chen
3679be3721 tests: Enable hugepages for test_vfio_user
This is will fix a warning reported from the SPDK/NVMe backend when the
memory address is not 2M aligned.

Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-03-31 09:22:07 +01:00
dependabot[bot]
67727deb0a build: bump redox_syscall from 0.2.12 to 0.2.13
Bumps redox_syscall from 0.2.12 to 0.2.13.

---
updated-dependencies:
- dependency-name: redox_syscall
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-31 00:50:41 +00:00
dependabot[bot]
caa15c5c02 build: bump lock_api from 0.4.6 to 0.4.7
Bumps [lock_api](https://github.com/Amanieu/parking_lot) from 0.4.6 to 0.4.7.
- [Release notes](https://github.com/Amanieu/parking_lot/releases)
- [Changelog](https://github.com/Amanieu/parking_lot/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Amanieu/parking_lot/compare/lock_api-0.4.6...lock_api-0.4.7)

---
updated-dependencies:
- dependency-name: lock_api
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-31 00:23:33 +00:00
dependabot[bot]
d1312c3143 build: bump redox_users from 0.4.2 to 0.4.3
Bumps redox_users from 0.4.2 to 0.4.3.

---
updated-dependencies:
- dependency-name: redox_users
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-30 23:44:27 +00:00
Fabiano Fidêncio
f049867cd9 vmm,memory_manager: Deny resizing only if the ram amount has changed
Similarly to the previous commit restricting the cpu resizing error only
to the situations where the vcpu amount has changed, let's do the same
with the memory and be consistent throughout our code base.

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
2022-03-30 21:29:08 +01:00
Fabiano Fidêncio
2c8045343c vmm,cpu: Deny resizing only if the vcpu amount has changed
188078467db42f50f5b7e7a7969738ebf8aec95c made clear that resize should
only happen when dealing with a "dynamic" CpuManager.  Although this is
very much correct, it causes a regression on Kata Containers (and on any
other consumer of Cloud Hypervisor) in cases where a resize would be
triggered but the vCPUs values wouldn't be changed.

There's no doubt Kata Containers could do better and do not call a
resize in such situations, and that's something that should **also** be
solved there.  However, we should also work this around on Cloud
Hypervisor side as it introduces a regression with the current Kata
Containers code.

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
2022-03-30 21:29:08 +01:00
Sebastien Boeuf
db06c31305 arch: x86_64: Patch CPUID based on TDX capabilities
Based on the XFAM masks retrieved from the TDX capabilities, the CPUID
must be patched.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-03-30 14:57:23 +01:00
Sebastien Boeuf
b0077f0b5e hypervisor: Implement retrieval of TDX capabilities
Extend the Hypervisor API in order to retrieve the TDX capabilities from
the underlying hypervisor.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-03-30 14:57:23 +01:00
Sebastien Boeuf
f310dc0916 hypervisor: Don't enable TDX debug
This might not be correctly supported, therefore best to keep it
disabled by default.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-03-30 14:57:23 +01:00
Sebastien Boeuf
3c973fa7ce virtio-devices: vhost-user: Add support for TDX
By enabling the VIRTIO feature VIRTIO_F_IOMMU_PLATFORM for all
vhost-user devices when needed, we force the guest to use the DMA API,
making these devices compatible with TDX. By using DMA API, the guest
triggers the TDX codepath to share some of the guest memory, in
particular the virtqueues and associated buffers so that the VMM and
vhost-user backends/processes can access this memory.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-03-30 10:32:23 +02:00
dependabot[bot]
d310abed44 build: bump indexmap from 1.8.0 to 1.8.1
Bumps [indexmap](https://github.com/bluss/indexmap) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/bluss/indexmap/releases)
- [Changelog](https://github.com/bluss/indexmap/blob/master/RELEASES.rst)
- [Commits](https://github.com/bluss/indexmap/compare/1.8.0...1.8.1)

---
updated-dependencies:
- dependency-name: indexmap
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-30 00:32:21 +00:00
dependabot[bot]
a9b9251756 build: bump indexmap from 1.8.0 to 1.8.1 in /fuzz
Bumps [indexmap](https://github.com/bluss/indexmap) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/bluss/indexmap/releases)
- [Changelog](https://github.com/bluss/indexmap/blob/master/RELEASES.rst)
- [Commits](https://github.com/bluss/indexmap/compare/1.8.0...1.8.1)

---
updated-dependencies:
- dependency-name: indexmap
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-29 23:46:58 +00:00
Rob Bradford
c66be2e974 tests: Split test_simple_launch() into separate tests
This will make it much easier identify which tests are failing.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-03-29 15:20:58 +01:00
Rob Bradford
ca68b9e7a9 build: Remove "cmos" feature gate
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-03-29 15:20:58 +01:00
Rob Bradford
e0d3efec6e devices: cmos: Implement CMOS based reset
If EFI reset fails on the Linux kernel then it will fallthrough to CMOS
reset. Implement this as one of our reset solutions.

Fixes: #3912

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-03-29 15:20:58 +01:00
dependabot[bot]
4529bd8d0e build: bump semver from 1.0.6 to 1.0.7
Bumps [semver](https://github.com/dtolnay/semver) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/dtolnay/semver/releases)
- [Commits](https://github.com/dtolnay/semver/compare/1.0.6...1.0.7)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-29 10:20:55 +00:00
dependabot[bot]
b8d0fee17f build: bump syn from 1.0.89 to 1.0.90
Bumps [syn](https://github.com/dtolnay/syn) from 1.0.89 to 1.0.90.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/1.0.89...1.0.90)

---
updated-dependencies:
- dependency-name: syn
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-29 09:41:42 +00:00
dependabot[bot]
43179bb44e build: bump getrandom from 0.2.5 to 0.2.6
Bumps [getrandom](https://github.com/rust-random/getrandom) from 0.2.5 to 0.2.6.
- [Release notes](https://github.com/rust-random/getrandom/releases)
- [Changelog](https://github.com/rust-random/getrandom/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-random/getrandom/compare/v0.2.5...v0.2.6)

---
updated-dependencies:
- dependency-name: getrandom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-29 00:33:44 +00:00
dependabot[bot]
fa8af3421a build: bump paste from 1.0.6 to 1.0.7
Bumps [paste](https://github.com/dtolnay/paste) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/dtolnay/paste/releases)
- [Commits](https://github.com/dtolnay/paste/compare/1.0.6...1.0.7)

---
updated-dependencies:
- dependency-name: paste
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-28 23:43:10 +00:00
dependabot[bot]
ac9335d111 build: bump syn from 1.0.89 to 1.0.90 in /fuzz
Bumps [syn](https://github.com/dtolnay/syn) from 1.0.89 to 1.0.90.
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/1.0.89...1.0.90)

---
updated-dependencies:
- dependency-name: syn
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-28 23:35:31 +00:00
Rob Bradford
7c0cf8cc23 arch, devices, vmm: Remove "acpi" feature gate
Compile this feature in by default as it's well supported on both
aarch64 and x86_64 and we only officially support using it (no non-acpi
binaries are available.)

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-03-28 09:18:29 -07:00
Rob Bradford
fa7487629f scripts: Fix feature build for aarch64 and mshv builds
These were erroneously skipping features for the unit tests and the
"build" target for dev_cli.sh

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-03-28 09:18:29 -07:00
Rob Bradford
6eb47bdb03 scripts: Remove unused "cargo" testing script
These are never run by the CI and is inconsistent with the way we build
test which is specified inside the .github workflows.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-03-28 09:18:29 -07:00
Rob Bradford
3c9e97ce00 .github: Add build testing of "gdb" build feature
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-03-28 09:18:29 -07:00
Rob Bradford
a9fdaa6734 .github: Simplify feature testing in workflows
This includes the removal of testing without the "acpi" feature. The
command have been reordered to reduce the amount of recompilation
required.

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-03-28 09:18:29 -07:00
dependabot[bot]
41e8f1db73 build: bump getrandom from 0.2.5 to 0.2.6 in /fuzz
Bumps [getrandom](https://github.com/rust-random/getrandom) from 0.2.5 to 0.2.6.
- [Release notes](https://github.com/rust-random/getrandom/releases)
- [Changelog](https://github.com/rust-random/getrandom/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-random/getrandom/compare/v0.2.5...v0.2.6)

---
updated-dependencies:
- dependency-name: getrandom
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-28 13:51:35 +00:00
dependabot[bot]
b08d0b5551 build: bump paste from 1.0.6 to 1.0.7 in /fuzz
Bumps [paste](https://github.com/dtolnay/paste) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/dtolnay/paste/releases)
- [Commits](https://github.com/dtolnay/paste/compare/1.0.6...1.0.7)

---
updated-dependencies:
- dependency-name: paste
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-28 13:24:01 +00:00
dependabot[bot]
d3dc453cb0 build: bump semver from 1.0.6 to 1.0.7 in /fuzz
Bumps [semver](https://github.com/dtolnay/semver) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/dtolnay/semver/releases)
- [Commits](https://github.com/dtolnay/semver/compare/1.0.6...1.0.7)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-28 12:18:25 +00:00
Sebastien Boeuf
2ef201e43f tests: Simplify test_vdpa_block() to increase stability
It seems the vdpa_sim_block isn't behaving properly after the vhost
device is closed, as it sometimes returns EBUSY when we try to open it
again. The easiest way to deal with this issue is by simplifying the
integration test, avoid to plug the same device after it's been
unplugged.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-03-28 13:09:01 +01:00
dependabot[bot]
acd914f02d build: bump quote from 1.0.16 to 1.0.17 in /fuzz
Bumps [quote](https://github.com/dtolnay/quote) from 1.0.16 to 1.0.17.
- [Release notes](https://github.com/dtolnay/quote/releases)
- [Commits](https://github.com/dtolnay/quote/compare/1.0.16...1.0.17)

---
updated-dependencies:
- dependency-name: quote
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-28 12:37:08 +01:00
dependabot[bot]
0cf100c180 build: bump quote from 1.0.16 to 1.0.17
Bumps [quote](https://github.com/dtolnay/quote) from 1.0.16 to 1.0.17.
- [Release notes](https://github.com/dtolnay/quote/releases)
- [Commits](https://github.com/dtolnay/quote/compare/1.0.16...1.0.17)

---
updated-dependencies:
- dependency-name: quote
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-28 09:48:55 +00:00
Henry Wang
26351a81b2 scripts: Use the same linux kernel build function everywhere
This commit unifies the custom linux kernel build in x86, Arm, and
performance metrics to the same function. Therefore, when bumping
the kernel version, we can make sure we only need to make the change
in one place.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2022-03-28 10:20:14 +01:00
William Douglas
c8d07f66d1 build: Add amx workflows
With the addition of the amx feature, add a new build workflow to
enable the feature and a clippy quality check.

Signed-off-by: William Douglas <william.douglas@intel.com>
2022-03-25 14:11:54 -07:00
William Douglas
6b0df31e5d vmm: Add support for enabling AMX in vm guests
AMX is an x86 extension adding hardware units for matrix
operations (int and float dot products). The goal of the extension is
to provide performance enhancements for these common operations.

On Linux, AMX requires requesting the permission from the kernel prior
to use. Guests wanting to make use of the feature need to have the
request made prior to starting the vm.

This change then adds the first --cpus features option amx that when
passed will enable AMX usage for guests (needs a 5.17+ kernel) or
exits with failure.

The activation is done in the CpuManager of the VMM thread as it
allows migration and snapshot/restore to work fairly painlessly for
AMX enabled workloads.

Signed-off-by: William Douglas <william.douglas@intel.com>
2022-03-25 14:11:54 -07:00
dependabot[bot]
96e2bedc10 build: bump redox_syscall from 0.2.11 to 0.2.12
Bumps redox_syscall from 0.2.11 to 0.2.12.

---
updated-dependencies:
- dependency-name: redox_syscall
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-25 19:06:43 +00:00
dependabot[bot]
86a54a2658 build: bump log from 0.4.14 to 0.4.16
Bumps [log](https://github.com/rust-lang/log) from 0.4.14 to 0.4.16.
- [Release notes](https://github.com/rust-lang/log/releases)
- [Changelog](https://github.com/rust-lang/log/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/log/commits)

---
updated-dependencies:
- dependency-name: log
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-25 18:26:18 +00:00
Rob Bradford
648b61d1cc virtio-devices: Add missing syscalls to virtio common list
Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-03-25 17:56:49 +00:00
Sebastien Boeuf
0685cd8aae virtio-devices: vdpa: Remove get_iova_range() workaround
Now that we rely on vhost v0.4.0, which contains the fix for
get_iova_range(), we don't need the workaround anymore, and we can
actually call into the dedicated function.

Fixes #3861

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-03-25 17:37:08 +00:00
Sebastien Boeuf
8586c5497b deps: Update vhost and vhost-user-backend dependencies
Rely on newly released versions of the vhost and vhost-user-backend
crates from rust-vmm.

The new vhost version includes the fixes needed for vDPA.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-03-25 17:51:07 +01:00
Henry Wang
90805dd131 scripts: run_metrics: Always build the custom linux kernel
This commit makes sure that the custom linux kernel is always
rebuilt when running the performance metrics tests, and therefore
changes to the kernel config file is always caught.

Signed-off-by: Henry Wang <Henry.Wang@arm.com>
2022-03-25 17:01:55 +01:00
Sebastien Boeuf
888a465232 docs: Add documentation for vDPA
Explain the reason why using vDPA might be interesting and how to use it
with Cloud Hypervisor.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-03-25 15:30:20 +01:00
Bo Chen
639a7dd73a vmm: Improve 'test_config_validation' with precise Err assertions
Fixed: #3879

Signed-off-by: Bo Chen <chen.bo@intel.com>
2022-03-25 09:17:05 +00:00
Sebastien Boeuf
afd9f17b73 virtio-fs: Deprecate the DAX feature
Disable the DAX feature from the virtio-fs implementation as the feature
is still not stable. The feature is deprecated, meaning the 'dax'
parameter will be removed in about 2 releases cycles.

In the meantime, the parameter value is ignored and forced to be
disabled.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-03-24 10:39:11 -07:00
Sebastien Boeuf
fd40aceabb tests: Fix flakiness in test_vdpa_block()
The test is sporadically failing whenever we try to hotplug the vDPA
device we've just unplugged. This is causing the kernel to complain with
EBUSY because the device hasn't been released yet. This is happening
because the CI system is under very high load, therefore taking quite
some time to the host to update the state of this device.

The easy way to fix such issue is by increasing the sleep time between
the unplug and the replug.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>
2022-03-24 15:15:51 +01:00
Rob Bradford
7a8061818e vmm: Don't expose MemoryManager ACPI functionality unless required
When running non-dynamic or with virtio-mem for hotplug the ACPI
functionality should not be included on the DSDT nor does the
MemoryManager need to be placed on the MMIO bus.

Fixes: #3883

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
2022-03-24 13:17:51 +00:00