hypervisor: x86: emulator: Remove unncessary mut from reference

warning: this argument is a mutable reference, but not used mutably
--> hypervisor/src/arch/x86/emulator/instructions/mod.rs:22:15

hypervisor: x86: emulator: Remove unncessary mut from reference

warning: this argument is a mutable reference, but not used mutably
--> hypervisor/src/arch/x86/emulator/instructions/mod.rs:22:15
|
22 | platform: &mut dyn PlatformEmulator<CpuState = T>,
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: consider changing to: `&dyn PlatformEmulator<CpuState = T>`
|
= note: this is cfg-gated and may require further changes
= help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#needless_pass_by_ref_mut

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>

show more ...

hypervisor: mshv: handle APIC EOI message

Signed-off-by: Wei Liu <liuwe@microsoft.com>

x86 emulator: add Mov_moffs_AX & Mov_AX_moffs (16,32,64)

Signed-off-by: Philipp Schuster <philipp.schuster@cyberus-technology.de>

build: Fix beta clippy issue: private item shadows public glob re-export

error: private item shadows public glob re-export
Error: --> hypervisor/src/mshv/mod.rs:42:27
|
42 | CpuIdEntry, Fpu

build: Fix beta clippy issue: private item shadows public glob re-export

error: private item shadows public glob re-export
Error: --> hypervisor/src/mshv/mod.rs:42:27
|
42 | CpuIdEntry, FpuState, LapicState, MsrEntry, SpecialRegisters, StandardRegisters,
| ^^^^^^^^^^
|
note: the name `LapicState` in the type namespace is supposed to be publicly re-exported here
--> hypervisor/src/mshv/mod.rs:16:9
|
16 | pub use mshv_bindings::*;
| ^^^^^^^^^^^^^^^^
note: but the private item here shadows it
--> hypervisor/src/mshv/mod.rs:42:27
|
42 | CpuIdEntry, FpuState, LapicState, MsrEntry, SpecialRegisters, StandardRegisters,
| ^^^^^^^^^^
= note: `-D hidden-glob-reexports` implied by `-D warnings`

Signed-off-by: Yu Li <liyu.yukiteru@bytedance.com>

show more ...

hypervisor: x86: Emulator is only needed on `mshv`, not `kvm`

On x86-64, when the underlying hypervisor platform is KVM, no
instruction emulator is necessary. KVM handles instruction boundaries
inte

hypervisor: x86: Emulator is only needed on `mshv`, not `kvm`

On x86-64, when the underlying hypervisor platform is KVM, no
instruction emulator is necessary. KVM handles instruction boundaries
internally.

This change allows to skip the iced-x86 dependency on KVM, improving
build times, prunes the dependency graph and reduces network traffic
during the initial build.

For Hyper-V, the emulator is still necessary on x86-64, so nothing
changes there.

Signed-off-by: Christian Blichmann <cblichmann@google.com>

show more ...

hyperivsor: Add infrastructure to determine CPU vendor

Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>

hypervisor: mshv: Implement set_cpuid2 call

Passing the CPUID leafs with the topology is integrated into the common
mechanism of setting and patching CPUID in Cloud Hypervisor. All the
CPUID values

hypervisor: mshv: Implement set_cpuid2 call

Passing the CPUID leafs with the topology is integrated into the common
mechanism of setting and patching CPUID in Cloud Hypervisor. All the
CPUID values will be passed to the hypervisor through the register
intercept call.

Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>

show more ...

hypervisor, vmm: Limit max number of vCPUs to hypervisor maximum

On KVM this is provided by an ioctl, on MSHV this is constant. Although
there is a HV_MAXIMUM_PROCESSORS constant the MSHV ioctl API

hypervisor, vmm: Limit max number of vCPUs to hypervisor maximum

On KVM this is provided by an ioctl, on MSHV this is constant. Although
there is a HV_MAXIMUM_PROCESSORS constant the MSHV ioctl API is limited
to u8.

Signed-off-by: Rob Bradford <rbradford@rivosinc.com>

show more ...

misc: Remove unnecessary clippy directives

Clippy passes fine without these.

Signed-off-by: Rafael Mendonca <rafaelmendsr@gmail.com>

vmm: only use KVM_ARM_VCPU_PMU_V3 if available

Having PMU in guests isn't critical, and not all hardware supports
it (e.g. Apple Silicon).

CpuManager::init_pmu already has a fallback for if PMU is

vmm: only use KVM_ARM_VCPU_PMU_V3 if available

Having PMU in guests isn't critical, and not all hardware supports
it (e.g. Apple Silicon).

CpuManager::init_pmu already has a fallback for if PMU is not
supported by the VCPU, but we weren't getting that far, because we
would always try to initialise the VCPU with KVM_ARM_VCPU_PMU_V3, and
then bail when it returned with EINVAL.

Signed-off-by: Alyssa Ross <hi@alyssa.is>

show more ...

hypervisor: Fix few register names on MSHV

Recently generated mshv-bindings has most of the registers
renamed. This patch renames some of the MSHV registers.

Signed-off-by: Muminul Islam <muislam@m

hypervisor: Fix few register names on MSHV

Recently generated mshv-bindings has most of the registers
renamed. This patch renames some of the MSHV registers.

Signed-off-by: Muminul Islam <muislam@microsoft.com>

show more ...

hypervisor: use proper doc tests for examples

It seems like these examples were always intended to be doctests,
since there are lines marked with "#" so that they are excluded from
the generated doc

hypervisor: use proper doc tests for examples

It seems like these examples were always intended to be doctests,
since there are lines marked with "#" so that they are excluded from
the generated documentation, but they were not recognised as doc tests
because they were not formatted correctly.

The code needed some adjustments so that it would actually compile and
run as doctests.

Signed-off-by: Alyssa Ross <hi@alyssa.is>

show more ...

hypervisor: fix building doctests

When doctests are built, the crate is built with itself as a
dependency via --extern. This causes a compiler error if using a
module with the name same as the crat

hypervisor: fix building doctests

When doctests are built, the crate is built with itself as a
dependency via --extern. This causes a compiler error if using a
module with the name same as the crate, because it's ambiguous whether
it's referring to the module, or the extern version of the crate, so
it's necessary to disambiguate when using the hypervisor module here.

Fixes running cargo test --doc --workspace.

Signed-off-by: Alyssa Ross <hi@alyssa.is>

show more ...

hypervisor: rename get_cpuid to get_supported_cpuid

To better reflect its nature and avoid confusion with get_cpuid2.

No functional change.

Signed-off-by: Wei Liu <liuwe@microsoft.com>

arch, hypervisor: Populate CPUID leaf 0x4000_0010 (TSC frequency)

This hypervisor leaf includes details of the TSC frequency if that is
available from KVM. This can be used to efficiently calculate

arch, hypervisor: Populate CPUID leaf 0x4000_0010 (TSC frequency)

This hypervisor leaf includes details of the TSC frequency if that is
available from KVM. This can be used to efficiently calculate time
passed when there is an invariant TSC.

TEST=Run `cpuid` in the guest and observe the frequency populated.

Fixes: #5178

Signed-off-by: Rob Bradford <robert.bradford@intel.com>

show more ...

tdx: Set the SEPT_VE_DISABLE attribute

This is required for booting Linux:

From: https://lore.kernel.org/all/20221028141220.29217-3-kirill.shutemov@linux.intel.com/

"""

Virtualization Exceptions

tdx: Set the SEPT_VE_DISABLE attribute

This is required for booting Linux:

From: https://lore.kernel.org/all/20221028141220.29217-3-kirill.shutemov@linux.intel.com/

"""

Virtualization Exceptions (#VE) are delivered to TDX guests due to
specific guest actions such as using specific instructions or accessing
a specific MSR.

Notable reason for #VE is access to specific guest physical addresses.
It requires special security considerations as it is not fully in
control of the guest kernel. VMM can remove a page from EPT page table
and trigger #VE on access.

The primary use-case for #VE on a memory access is MMIO: VMM removes
page from EPT to trigger exception in the guest which allows guest to
emulate MMIO with hypercalls.

MMIO only happens on shared memory. All conventional kernel memory is
private. This includes everything from kernel stacks to kernel text.

Handling exceptions on arbitrary accesses to kernel memory is
essentially impossible as handling #VE may require access to memory
that also triggers the exception.

TDX module provides mechanism to disable #VE delivery on access to
private memory. If SEPT_VE_DISABLE TD attribute is set, private EPT
violation will not be reflected to the guest as #VE, but will trigger
exit to VMM.

Make sure the attribute is set by VMM. Panic otherwise.

There's small window during the boot before the check where kernel has
early #VE handler. But the handler is only for port I/O and panic as
soon as it sees any other #VE reason.

SEPT_VE_DISABLE makes SEPT violation unrecoverable and terminating the
TD is the only option.

Kernel has no legitimate use-cases for #VE on private memory. It is
either a guest kernel bug (like access of unaccepted memory) or
malicious/buggy VMM that removes guest page that is still in use.

In both cases terminating TD is the right thing to do.

"""

With this change Cloud Hypervisor can boot the current Linux guest
kernel.

Reported-By: Jiaqi Gao <jiaqi.gao@intel.com
Signed-off-by: Rob Bradford <robert.bradford@intel.com>

show more ...

hypervisor: x86: emulate MOVSB

Signed-off-by: Praveen K Paladugu <prapal@linux.microsoft.com>

hypervisor: x86: emulate MOVSW

Signed-off-by: Wei Liu <liuwe@microsoft.com>

hypervisor: x86: use a macro to generate emulate function for movs

No functional change.

Signed-off-by: Wei Liu <liuwe@microsoft.com>

tdx: Update support based on kvm-upstream v5.19

In order to comply with latest TDX version, we rely onto the branch
kvm-upstream-2022.08.07-v5.19-rc8 from https://github.com/intel/tdx
repository. Up

tdx: Update support based on kvm-upstream v5.19

In order to comply with latest TDX version, we rely onto the branch
kvm-upstream-2022.08.07-v5.19-rc8 from https://github.com/intel/tdx
repository. Updates are based on changes that happened in
arch/x86/include/uapi/asm/kvm.h headers file.

Signed-off-by: Sebastien Boeuf <sebastien.boeuf@intel.com>

show more ...

hypervisor: remove unnecessary derive of HypervisorType

There was an unnecessary change in previous PR #5077.
This is the follow-up clean up patch.

Right now there is no use case of the drive of
Eq

hypervisor: remove unnecessary derive of HypervisorType

There was an unnecessary change in previous PR #5077.
This is the follow-up clean up patch.

Right now there is no use case of the drive of
Eq and PartialEq.

Signed-off-by: Muminul Islam <muislam@microsoft.com>

show more ...

vmm: Ensure PIO/MMIO exits complete before pausing only for KVM

MSHV does not require to ensure MMIO/PIO exits complete
before pausing. This patch makes sure the above requirement
by checking the hy

vmm: Ensure PIO/MMIO exits complete before pausing only for KVM

MSHV does not require to ensure MMIO/PIO exits complete
before pausing. This patch makes sure the above requirement
by checking the hypervisor type run-time.

Fixes #5037

Signed-off-by: Muminul Islam <muislam@microsoft.com>

show more ...

build: Bump mshv-ioctls from `10d0c52` to `ef01a5a`

With this bump there was a change in one of the externally exposed
variable. Thus, the use of that variable in CLH must be adjusted
accordingly.

build: Bump mshv-ioctls from `10d0c52` to `ef01a5a`

With this bump there was a change in one of the externally exposed
variable. Thus, the use of that variable in CLH must be adjusted
accordingly.

Signed-off-by: Jinank Jain <jinankjain@microsoft.com>

show more ...

hypervisor: kvm: aarch64: remove repetition in offset_of

The repetition served no purpose.

No functional change.

Signed-off-by: Wei Liu <liuwe@microsoft.com>

hypervisor: kvm: aarch64: rename offset__of to offset_of

The double underscore made it different from how other projects would
name this particular macro.

No functional change.

Signed-off-by: Wei

hypervisor: kvm: aarch64: rename offset__of to offset_of

The double underscore made it different from how other projects would
name this particular macro.

No functional change.

Signed-off-by: Wei Liu <liuwe@microsoft.com>

show more ...