645 Commits

Author SHA1 Message Date
Nuno Das Neves
00b4d97826 vmm: Replace hardcoded mshv IOCTL numbers in seccomp
Use the IOCTL numbers directly from mshv-ioctls instead of hardcoding
them in the seccomp filters.

Remove seccomp rules for unused ioctls:
MSHV_GET_VERSION_INFO,
MSHV_ASSERT_INTERRUPT.

Signed-off-by: Nuno Das Neves <nudasnev@microsoft.com>
2024-08-13 18:52:46 +00:00
Jinank Jain
3fe7d6d904 hypervisor: mshv: Disable previous GHCB page before setting new one
CVM guests can configure GHCB page multiple times during its
lifetime depending on its requirement. For example a Linux CVM guest
configures a different GHCB page during compressed kernel boot and sets
up a new one after decompressing the kernel. As a cleanup step, VMM
should unset the previous GHCB page before registering a new one for
a particular vcpu thread.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-08-13 16:59:31 +00:00
Alyssa Ross
02f146fef8 hypervisor: kvm: aarch64: fix get_device_attr() UB
DeviceFd::get_device_attr should be marked as unsafe, because it
allows writing to an arbitrary address.  I have opened a kvm-ioctls
PR[1] to fix this.  The hypervisor crate was using the function
unsafely by passing it addresses of immutable variables.  I noticed
this because an optimisation change[2] in Rust 1.80.0 caused the
kvm::aarch64::gic::tests::test_get_set_icc_regs test to start failing
when built in release mode.

To fix this, I've broken up the _access functions into _set and _get
variants, with the _get variant using a pointer to a mutable variable.
This has the side effect of making these functions a bit nicer to use,
because the caller now has no need to use references at all, for
either getting or setting.

[1]: https://github.com/rust-vmm/kvm-ioctls/pull/273
[2]: d2d24e395a

Signed-off-by: Alyssa Ross <hi@alyssa.is>
2024-08-13 16:16:11 +00:00
Wei Liu
1c7997c5c3 hypervisor: x86: emulate MOVSQ
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-08-10 23:49:09 +00:00
dependabot[bot]
fee769bed4 build: Bump libc from 0.2.153 to 0.2.155
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.153 to 0.2.155.
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.153...0.2.155)

---
updated-dependencies:
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-10 00:43:15 +00:00
Muminul Islam
5c4b5c0e40 hypervisor: mshv: add definition to get access pages
Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-08-09 17:40:13 +00:00
dependabot[bot]
513973873c build: Bump igvm from 0.3.1 to 0.3.3
Bumps [igvm](https://github.com/microsoft/igvm) from 0.3.1 to 0.3.3.
- [Release notes](https://github.com/microsoft/igvm/releases)
- [Commits](https://github.com/microsoft/igvm/compare/igvm-v0.3.1...igvm-v0.3.3)

---
updated-dependencies:
- dependency-name: igvm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-02 23:56:38 +00:00
dependabot[bot]
dc72ef42dc build: Bump serde_with from 3.7.0 to 3.9.0
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.7.0 to 3.9.0.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.7.0...v3.9.0)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-02 00:35:54 +00:00
dependabot[bot]
ddc3f194aa build: Bump anyhow from 1.0.81 to 1.0.86
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.81 to 1.0.86.
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.81...1.0.86)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-26 00:25:08 +00:00
Jinank Jain
330e1aac36 hypervisor: mshv: Clear SW_EXIT_INFO1 in case of no error
There were some scenarios where we are not clearing SW_EXIT_INFO1 to
indicate that there was no error while handling the GHCB exit.
Recently, new Linux guests got stricter with checking the value of
SW_EXIT_INFO1 after coming back from VMGEXIT and started crashing. Fix
this behavior by clearing out SW_EXIT_INFO1 in case of no error.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-07-24 01:31:10 +00:00
Wei Liu
824e83ab0d hypervisor: x86: emulate STOS
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-22 15:07:59 +00:00
dependabot[bot]
8803e4a2e7 build: Bump thiserror from 1.0.61 to 1.0.62
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.61 to 1.0.62.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.61...1.0.62)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-17 08:00:35 +00:00
dependabot[bot]
dec4a82058 build: Bump log from 0.4.21 to 0.4.22
Bumps [log](https://github.com/rust-lang/log) from 0.4.21 to 0.4.22.
- [Release notes](https://github.com/rust-lang/log/releases)
- [Changelog](https://github.com/rust-lang/log/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/log/compare/0.4.21...0.4.22)

---
updated-dependencies:
- dependency-name: log
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-16 06:20:32 +00:00
Jinank Jain
b73d94f969 hypervisor: mshv: Refactor x86 emulator into different module
This is preparatory work to make space for ARM64 emulator.
There is no functional change in this commit, just moving code from one
file to another.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-07-15 23:05:11 +00:00
Jinank Jain
ead4f767ff hypervisor: mshv: Restrict dependency to x86
iced_x86 is only available on x86 architecture.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-07-15 23:05:11 +00:00
Wei Liu
18340d9761 hypervisor: mshv: fine-grained control over translation flags
The assertion that only code emulation requires GVA to GPA translation
is wrong.

Allow the caller of `translate` to pass in permission flags directly.

Provide a new method `read_memory_flags` so that we can add the EXECUTE
permission flag where necessary.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-12 16:12:33 +00:00
Wei Liu
cfaa192eb4 hypervisor: emulator: drop the unused gva_to_gpa hook
That function is too limiting. It doesn't consider page permissions. It
is not used, so just drop it.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-12 16:12:33 +00:00
Wei Liu
14b45e4d2e hypervisor: mshv: handle GPA intercept
We will start receiving GPA intercepts. For our use cases they are
handled the same way as UNMAPPED GPA intercepts.

Put in some logging to distinguish the two cases.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
519476e842 hypervisor: mshv: relax the requirement for instruction emulation
Previously we required the hypervisor to give us a valid instruction
stream. That worked well enough because we never hit any edge conditions
(such as when the instruction stream crosses page boundary).

Now that MSHV can deal with partial or empty instruction stream, we can
remove that requirement.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
5fec858130 hypervisor: mshv: implement fetching instructions in emulator
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
67f22b6aa4 hypervisor: mshv: fix GVA translation flags
Originally we checked for R and W, but that code path never got executed.

It is now understood that we can only get here when we execute code. Fix
the permission flags.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
1eb4133034 hypervisor: x86: emulator: set IP properly for newly fetched stream
The default value of IP is zero. If the decoder's state is not set
properly, then the guest state is going to be wrong.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-04 18:45:01 +00:00
Wei Liu
7c608f6380 hypervisor: x86: emulator: accept empty instruction stream input
The emulator should fetch from memory just fine.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
Wei Liu
3ad8d24943 hypervisor: x86: emulator: fix a variable
Comparing RAX with RIP makes no logical sense other than RIP happens to
be the correct value. Use `target_rax` instead.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
Wei Liu
56c6c02724 hypervisor: x86: emulator: test executing only one instruction
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
Wei Liu
19b0ea842b hypervisor: x86: emulator: add the second instruction to test comment
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-07-02 14:59:50 +00:00
Rob Bradford
08cf983d42 build: Fix Cargo.toml formatting
In 42e9632c53d14cd0040db4952d40ba806c4b6ee9 a fix was made to address a
typo in the taplo configuration file. Fixing this typo indicated that
many Cargo.toml files were no longer adhering to the formatting rules.
Fix the formatting by running `taplo fmt`.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-06-18 16:19:12 +00:00
Josh Soref
42e9632c53 misc: Fix spelling issues
Misspellings were identified by:
  https://github.com/marketplace/actions/check-spelling

* Initial corrections based on forbidden patterns from the action
* Additional corrections by Google Chrome auto-suggest
* Some manual corrections
* Adding markdown bullets to readme credits section

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2024-06-08 16:31:30 +00:00
Muminul Islam
06e8d1c40c hypervisor: mshv: fix topology for Intel HW on MSHV
Populating these cpuid with default values so that
CLH can patch with topology information. Otherwise it gets
skipped while setting some topology information.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-06-04 04:57:34 +00:00
Wei Liu
6bb3ad1b96 build: update IGVM crates
Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-05-31 20:16:37 +00:00
SamrutGadde
51a9f78625 hypervisor: aarch64: Use thiserror for errors
Updated error enums in hypervisor under aarch64 to use thiserror crate

Signed-off-by: SamrutGadde <samrut.gadde@gmail.com>
2024-05-23 20:54:36 +00:00
Nuno Das Neves
30b6e412af hypervisor: mshv: Pin mshv crates to release tag v0.2.0
And bump vfio commit in Cargo.lock to align, since it should also point
to mshv v0.2.0.

Signed-off-by: Nuno Das Neves <nudasnev@microsoft.com>
2024-05-23 17:37:49 +00:00
Jinank Jain
6c90623c8e hypervisor: mshv: Only perform SNP operation for x86 partition
SEV-SNP partitions are only supported on x86 architecture.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-05-23 15:18:00 +00:00
Jinank Jain
94fe22da62 hypervisor: mshv: Only set unimplemented MSR for x86 partition
This partition property is only supported for x86 partition. Thus,
reduce the scope of it.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-05-23 15:18:00 +00:00
Jinank Jain
af1f94e5b8 hypervisor: mshv: Reduce the scope of VMEXITs to x86_64
Certain VMEXITs can only happen for x86 guests, thus reduce the scope to
x86_64 at the compilation stage.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>
2024-05-21 16:16:29 +00:00
Muminul Islam
a5a41bf797 hypervisor: always create a frozen partition
Create a partition frozen always, then unfreeze the partition
during boot phase or resume phase. We also freeze the
partition during pause event. Time is frozen during the
time between freeze and unfreeze.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-05-16 14:17:07 +00:00
Muminul Islam
aabfc9513e hypervisor: implement pause/resume API for MSHV
Implementing pause/Resume API for MSHV.
Here we set/reset the partition property(TIME_FREEZE)

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-05-16 14:17:07 +00:00
Muminul Islam
3fe9b87736 hypervisor: Add pause/resume definitions to VM trait
Add Pause/Resume functions for VM trait. For KVM it
will be empty implementations. For MSHV it needs to freeze
and unfreeze the partition.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-05-16 14:17:07 +00:00
Wei Liu
241d1d5cdb hypervisor: kvm: add missing capability requirements
The list is gathered from going through various code paths in the code
base.

No functional change intended.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-05-09 06:50:57 +00:00
Wei Liu
c07671edb4 hypervisor: kvm: introduce a check_extension macro
That reduces code repetition.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-05-09 06:50:57 +00:00
Wei Liu
8093820965 hypervisor: kvm: sort the required capabilities
No functional change.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-05-09 06:50:57 +00:00
Wei Liu
86cf50565e hypervisor: kvm: drop the check for Cap::SignalMsi
Per the KVM API document, that capability is only valid with in-kernel
irqchip that handles MSIs.

Throughout the code base, there is no call to KVM_IOCTL_SIGNAL_MSI.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-05-09 06:50:57 +00:00
Rob Bradford
3f8cd52ffd build: Format Cargo.toml files using taplo
Run the taplo formatter with the newly added configuration file

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-05-08 21:46:13 +00:00
Rob Bradford
2bf6f9300a hypervisor: Remove derivations conditional on non-existent feature
The "with-serde" feature does not exist so these #[derive(..)]
statements are never compiled in.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-05-08 08:10:28 +00:00
dependabot[bot]
a70808bae9 build: Bump thiserror from 1.0.58 to 1.0.60
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.58 to 1.0.60.
- [Release notes](https://github.com/dtolnay/thiserror/releases)
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.58...1.0.60)

---
updated-dependencies:
- dependency-name: thiserror
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-08 00:08:24 +00:00
Muminul Islam
4847f5c4f6 hypervisor: implement clock data for MSHV
This PR implements time reference for Microsoft
Hypervisor based partition/VM.

Signed-off-by: Muminul Islam <muislam@microsoft.com>
2024-04-29 16:46:26 +00:00
Wei Liu
f6d99d9a9b build: use released version of the IGVM crates
No functional change.

While at it, consolidate some of the IGVM related import directives.

Signed-off-by: Wei Liu <liuwe@microsoft.com>
2024-04-29 11:13:59 +00:00
Rob Bradford
b89657ea22 hypervisor, vmm: Don't re-export the contents of mshv_bindings::*
The contents of this crate may change and cause conflicts - re-exporting
the contents is unnecessary.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-04-25 20:53:53 +00:00
Rob Bradford
1ef2b488c7 build: Bump kvm-bindings and crates that depend on it
This removes the custom fork as the upstream version now has serde
support.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-04-25 20:53:53 +00:00
Rob Bradford
7be69edf51 hypervisor: kvm: Introduce Mutex around VcpuFd
This is required as the VcpuFd::run and VcpuFd::set_immediate_exit
methods now take a &mut self. I explored alternative solutions:

1. Using RefCell for runtime interior mutability - the Vcpu trait is
   Sync and it's not possible to use RefCell with types that are Sync.
2. Using UnsafeCell - the mutable reference nature of ::run and
   ::set_kvm_immediate_exit was added for a reason so it is unwise to
   bypass this.
3. Adjusting the trait interface to expose the &mut self - this requires
   an Arc<Mutex<>> around the hypervisor::vcpu::Vcpu object and was very
   intrusive.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>
2024-04-25 20:53:53 +00:00