Restrict the VMs a given VM can communicate with by introducing VM groups.
A group is simply a list of names assigned to the device in the
configuration. A VM can communicate with another VM only if the list of
group names assigned to their devices have atleast one group name in
common.
Signed-off-by: Priyansh Rathi <techiepriyansh@gmail.com>
Currently need to provide all the fields in the yaml config file,
otherwise the application panics. Modify this behaviour to allow not
specifying the optional fields to make it consistent with specifying the
configuration using only CLI arguments.
Signed-off-by: Priyansh Rathi <techiepriyansh@gmail.com>
In virtio standard, vsock uses 3 vqs. crosvm expects 3 vqs from
vhost-user-vsock impl, but this vhost-user-vsock device sets up
only 2 vqs because event vq isn't handled. And it causes crash in
crosvm. To avoid crash in crosvm, I increase NUM_QUEUES to 3
Signed-off-by: Jeongik Cha <jeongik@google.com>
BACKEND_EVENT value depends on NUM_QUEUES, because it is the next value
of NUM_QUEUES, so set it based on NUM_QUEUES
Signed-off-by: Jeongik Cha <jeongik@google.com>
VsockConnection::stream which is cloned is always used for
epoll_register, except add_new_guest_conn. Only in add_new_guest_conn,
the original stream is used.
Because a stream's raw fd is used for the key of listener_map, it cannot
find proper listener after the first packet.
Signed-off-by: Jeongik Cha <jeongik@google.com>
All other devices follow the "vhost-device-*" pattern, while for
vsock we used "vhost-user-vsock". Let's rename this as well to be
consistent.
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
Currently, the `raw_pkts_queue` is processed only when a
`SIBLING_VM_EVENT` is received. But it may happen that the
`raw_pkts_queue` could not be processed completely due to insufficient
space in the RX virtqueue at that time. So, try to process raw packets on
other events too similar to what happens in the RX of standard packets.
Signed-off-by: Priyansh Rathi <techiepriyansh@gmail.com>
The deadlock occurs when two sibling VMs simultaneously try to send each
other packets. The `VhostUserVsockThread`s corresponding to both the VMs
hold their own locks while executing `thread_backend.send_pkt` and then
try to lock each other to access their counterpart's `raw_pkts_queue`.
This ultimately results in a deadlock.
Resolved by separating the mutex over `raw_pkts_queue` from the mutex over
`VhostUserVsockThread`.
Signed-off-by: Priyansh Rathi <techiepriyansh@gmail.com>
The vhost_user::Error::Disconnected error code is returned by the
daemon if the VM is shutting down. Don't Warn the user in this case but
just point out that VM may be shutting down.
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
There was a mix of just unwrapping (panicking) and catching and logging
errors. The unwrapping is not allowing for particulary pretty error
handling, so let's bubble the errors up by not crashing the thread,
but by just returning a Result<()> than is received when joining the
threads.
Not all .unwrap() uses were translated since a followup PR (#389) will
rework that code anyway (and get rid of the .unwrap() in the process).
Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
Tests were run in a series before the previous commit because of a
testing failure (#232), and masked a bug. This is not necessary anymore
since the bug was fixed in the previous commit.
Instead of reverting to running the tests without the #[serial]
attribute, make every test self-contained by using unique temp
directories in each test run.
Test files that refer to sockets need to be unique because they risk
sharing filenames with other tests after refactoring. Since these tests
create/use/free resources, they should take care not to litter /tmp/ and
not share any file with other tests.
This commit uses a unique temp dir as location of test run files instead
of `/tmp/`. It adds a new dev-dependency, `tempfile`.
Signed-off-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Using a raw file descriptor in `stream_map` caused two `UnixStream`
instances have a shared single reference to the underlying stream
socket. Use UnixStream::try_clone instead which duplicates the file
descriptor while still referring to the same stream.
Fixes#232
Signed-off-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Earlier we were sending credit update messages to guest
everytime data was read, now we send it only if the available
space is less than 1/4th of the tx buffer size.
benchmarks:
host->guest[Gbps]
before 1.45
after 1.51
guest->host[Gbps]
before 5.68
after 6.07
Note: I did 3 runs of 10 secs and took average of all,
they are relative results.
Fixes#317
Signed-off-by: Ramyak Mehra <rmehra_be19@thapar.edu>
[SG: fixed S-o-b and small things in the commit description]
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
In order to prepare for an initial release of the crates, this adds a
CHANGELOG.md for tracking changes in the future releases.
The template was copied from the vhost crate [1].
Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
[1] 900b9a5c41/crates/vhost/CHANGELOG.md
Various rust-vmm dependencies now support Xen platforms under a new
feature `xen`. Add the same here for all the crates.
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
Once we publish crates to crates.io, only the crate subfolder is
uploaded. Symlink the license files in in order to include them during
packaging.
`cargo package` will replace the symlinks with the actual files during
packaging, so crates.io will include the license file.
Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
This version brings the SCSI bindings and allows us to drop the git
dependency (which was complicating the packaging situation).
Thanks-to: Jiang Liu <gerry@linux.alibaba.com>
Signed-off-by: Erik Schilling <erik.schilling@linaro.org>
With epoll-4.3.2, bitflags moves to 2.3.3 from 1.3.2 and breaks the
build with following error:
error[E0369]: binary operation `!=` cannot be applied to type `Events`
Fix those by using the .bits() functions.
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
Cross-check the packet `src_cid` with the CID configured for the guest.
This will forbid a VM from impersonating another.
Signed-off-by: Priyansh Rathi <techiepriyansh@gmail.com>
Adds support for communication between sibling VMs that use the
vhost-user-vsock devices from the same vhost-user-vsock application.
Tested with nc-vsock patched to set `.svm_flags = VMADDR_FLAG_TO_HOST`:
host$ vhost-user-vsock \
--vm guest-cid=3,uds-path=/tmp/vm3.vsock,socket=/tmp/vhost3.socket \
--vm guest-cid=4,uds-path=/tmp/vm4.vsock,socket=/tmp/vhost4.socket
vm_cid3$ nc-vsock -l 1234
vm_cid4$ nc-vsock 3 1234
Signed-off-by: Priyansh Rathi <techiepriyansh@gmail.com>
In future, we could add the ability to change the configuration at runtime
and allow new guests to be added even without having to restart the
daemon. So it is reasonable to not differentiate between the single and
multiple VM cases, even with only one guest.
Signed-off-by: Priyansh Rathi <techiepriyansh@gmail.com>
Adds support for instantiating multiple `VhostUserVsockBackend`s parallely
to handle multiple guests. Extends the CLI interface to accept the config
for multiple VMs in addition to the yaml config file with the `--vm`
argument as follows:
vhost-user-vsock \
--vm guest_cid=3,socket=/tmp/vhost3.socket,uds_path=/tmp/vm3.vsock \
--vm guest_cid=4,socket=/tmp/vhost4.socket,uds_path=/tmp/vm4.vsock
Signed-off-by: Priyansh Rathi <techiepriyansh@gmail.com>
It's possible to receive an incoming UDS connection before the VMM has
contacted us to initialize the vrings.
In this case, close the incoming connection so the client is aware of we
aren't yet ready, and to avoid having a lingering incomplete connection
around.
Signed-off-by: Sergio Lopez <slp@redhat.com>
It's possible to receive backend events before the VMM contacts us to
activate the vrings. Trying to call process_tx in this state will
trigger a NoMemoryConfigured error which will end crashing the worker
thread.
As NoMemoryConfigured is a transitory error, deal with it gracefully
printing a warning but continuing the normal execution.
Signed-off-by: Sergio Lopez <slp@redhat.com>
This commit aims to allow the vhost-user-vsock to
support local yaml configuration.
It introduces a new parameter '--config <CONFIG>' to allow user
to input a yaml configuration during startup and
uses config-rs to parse it.
Note that the configuration is currently made
conflicted to the original input parameters.
It introduces a new error -- ConfigParse inside the
crates/vsock/src/vhu_vsock.rs to support runtime error handling
and the new test_vsock_config_from_file() test.
It includes a new README.md with a parameter specification
and a config example in the Usage section.
It also introduces serde_deserialize(yaml) for VsockParam to let
config-rs directly pack the field specified in the array into the
VsockParam as suggested in config-rs. The serde crate is added to
crates/vsock/Cargo.toml correspondingly.
This commit also changes the original #[clap] into #[arg]
as suggested in clap-v4.
Signed-off-by: Yiyang Wu <toolmanp@outlook.com>
That buffer is used to store bytes coming from the guest before
sending them to the Unix domain socket. Some use cases might want
to increase or decrease this space, so it would be best to make it
user-customizable. Users can use "--tx-buffer-size=" to configure
TX buffer.
Fixes: #319
Signed-off-by: uran0sH <huangwenyuu@outlook.com>
Implement VhostUserBackend instead of VhostUserBackendMut for
VhostUserVsockBackend. VhostUserBackendMut trait is supposed to be used
for structures without interior mutability. But VhostUserVsockBackend
already uses Mutex to protect its threads, so it can implement the trait
with interior mutability (i.e. VhostUserBackend).
Signed-off-by: Priyansh Rathi <techiepriyansh@gmail.com>
The virtio-queue crate doesn't allow invalid queue state since commit
d951283a8e88 ("don't allow processing descriptors for invalid q").
Initialize the queues properly to fix testing failures.
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
Rather incongruously the common VIRTIO feature flags where part of the
net binding. Now that the new binding are out we can update them to
something generic.
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
The 0.2.1 version of virtio-vsock crate contains a fix [1] needed to
properly work with the virtio-vsock driver provided by Linux v6.3 and
later (originally the new driver was supposed to be in v6.2, but it
was postponed).
The fix was just a quick workaround, but in the future more work will
be needed in the virtio-vsock crate to not have a Linux-only specific
implementation of VsockPacket, as described in this issue [2].
[1] https://github.com/rust-vmm/vm-virtio/pull/207
[2] https://github.com/rust-vmm/vm-virtio/issues/216
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
As pointed out in https://gitlab.com/qemu-project/qemu/-/issues/1337
`-numa` is not supported by all machine types, so let's update the
example using the `memory-backend` machine property.
Since we are modifying the QEMU example, let's provide only the
QEMU's vhost-user-vsock required options in the "Usage" section.
In addition we also probide a working example.
Let's also remove a spurious rust section at the bottom of the file
that does not add any useful information.
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
This is required to fix the errors with individual pull requests with
these crates.
Also update other dependencies with general `cargo update`.
Signed-off-by: Viresh Kumar <viresh.kumar@linaro.org>
We forgot to update the License section in the readme
template. So, let's specify that vsock crate is licensed
under Apache 2.0 OR BSD-3-Clause.
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
As pointed out in the issue #232, vsock tests fail randomly.
From an initial analysis, it appears that using `--test-threads=1`
never happens, but using a value greater than 1, the tests fails
after a while and almost always with the creation of UDS,
or EpollFD, or on epoll_ctl.
There should be something wrong with FDs when there are multiple
threads running tests (not sure if related to O_CLOEXEC).
This is just a workaround, we will revert this commit when we
identify the root cause.
Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
