VFIO initial support #60

sameo · 2019-06-13T20:20:49Z

No description provided.

sboeuf · 2019-06-13T20:36:28Z

Nice to see this getting started :)

vfio-bindings/src/lib.rs

vfio/src/vfio.rs

sameo · 2019-06-16T19:49:47Z

I reworked the vfio-bindings crate, address @sboeuf comments on the vfio one and improve the crate overall. Next we will make the PCI implementation work with our PCI and VFIO crates.

bryteise · 2019-07-05T03:18:31Z

vfio-bindings/Cargo.toml

+vmm-sys-util = { git = "https://github.com/rust-vmm/vmm-sys-util" }
+
+[features]
+default = ["v5_0_0"]


I note that default features are a bit sticky. See rust-lang/cargo#3126 (comment) for some background but if we want people to be able to selectively disable these features it may be better to not make it a default.

bryteise · 2019-07-05T03:28:10Z

vfio-bindings/src/lib.rs

+
+pub mod bindings {
+    #[cfg(feature = "v5_0_0")]
+    pub use super::v5_0_0::*;


I could maybe use an explanation here but is the idea that the bindings mod only be able to have a single bindgen version configured to be used at the same time? I am assuming that due to name collisions that will almost certainly come up.

I could maybe use an explanation here but is the idea that the bindings mod only be able to have a single bindgen version configured to be used at the same time?

Yes, that's the idea.

vfio/src/vfio_device.rs

bryteise · 2019-07-05T04:58:55Z

vfio/src/vfio_device.rs

+    fn new(id: u32, vm: &VmFd) -> Result<Self> {
+        let mut group_path = String::from("/dev/vfio/");
+        let s_id = &id;
+        group_path.push_str(s_id.to_string().as_str());


Same comment about Path construction here.

With the VFIO crate, we can now support directly assigned PCI devices into cloud-hypervisor guests. We support assigning multiple host devices, through the --device command line parameter. This parameter takes the host device sysfs path. Fixes: cloud-hypervisor#60 Signed-off-by: Samuel Ortiz <[email protected]>

The default bindings are generated from the 5.0.0 Linux userspace API. Signed-off-by: Samuel Ortiz <[email protected]>

With the VFIO crate, we can now support directly assigned PCI devices into cloud-hypervisor guests. We support assigning multiple host devices, through the --device command line parameter. This parameter takes the host device sysfs path. Fixes: cloud-hypervisor#60 Signed-off-by: Samuel Ortiz <[email protected]>

sameo · 2019-07-23T13:54:30Z

@chao-p @rbradford @bryteise This is ready to be reviewed, finally.

src/main.rs

With the VFIO crate, we can now support directly assigned PCI devices into cloud-hypervisor guests. We support assigning multiple host devices, through the --device command line parameter. This parameter takes the host device sysfs path. Fixes: cloud-hypervisor#60 Signed-off-by: Samuel Ortiz <[email protected]>

The Virtual Function I/O (VFIO) kernel subsystem exposes a vast and relatively complex userspace API. This commit abstracts and simplifies this API into both an internal and external API. The external API is to be consumed by VFIO device implementation through the VfioDevice structure. A VfioDevice instance can: - Enable and disable all interrupts (INTX, MSI and MSI-X) on the underlying VFIO device. - Read and write all of the VFIO device memory regions. - Set the system's IOMMU tables for the underlying device. Signed-off-by: Zhang, Xiong Y <[email protected]> Signed-off-by: Chao Peng <[email protected]> Signed-off-by: Samuel Ortiz <[email protected]>

This brings the initial PCI support to the VFIO crate. The VfioPciDevice is the main structure and holds an inner VfioDevice. VfioPciDevice implements the PCI trait, leaving the IRQ assignments empty as this will be driven by both the guest and the VFIO PCI device, not by the VMM. As we must trap BAR programming from the guest (We don't want to program the actual device with guest addresses), we use our local PCI configuration cache to read and write BARs. Signed-off-by: Zhang, Xiong Y <[email protected]> Signed-off-by: Chao Peng <[email protected]> Signed-off-by: Samuel Ortiz <[email protected]>

In order to properly manage the VFIO device interrupt settings, we need to keep track of both MSI and MSI-X PCI config capabilities changes. When the guest programs the device for interrupt delivery, it writes to the MSI and MSI-X capabilities. This information must be trapped and cached in order to map the physical device interrupt delivery path to the guest one. In other words, tracking MSI and MSI-X capabilites will allow us to accurately build the KVM interrupt routes. Signed-off-by: Sebastien Boeuf <[email protected]> Signed-off-by: Samuel Ortiz <[email protected]>

We track all MSI and MSI-X capabilities changes, which allows us to also track all MSI and MSI-X table changes. With both pieces of information we can build kvm irq routing tables and map the physical device MSI/X vectors to the guest ones. Once that mapping is in place we can toggle the VFIO IRQ API accordingly and enable disable MSI or MSI-X interrupts, from the physical device up to the guest. Signed-off-by: Sebastien Boeuf <[email protected]> Signed-off-by: Samuel Ortiz <[email protected]>

VFIO explictly tells us if a MMIO region can be mapped into the guest address space or not. Except for MSI-X table BARs, we try to map them into the guest whenever VFIO allows us to do so. This avoids unnecessary VM exits when the guest tries to access those regions. Signed-off-by: Zhang, Xiong Y <[email protected]> Signed-off-by: Chao Peng <[email protected]> Signed-off-by: Samuel Ortiz <[email protected]>

With the VFIO crate, we can now support directly assigned PCI devices into cloud-hypervisor guests. We support assigning multiple host devices, through the --device command line parameter. This parameter takes the host device sysfs path. Fixes: cloud-hypervisor#60 Signed-off-by: Samuel Ortiz <[email protected]>

The VFIO integration test first boots a QEMU guest and then assigns the QEMU virtio-pci networking device into a nested cloud-hypervisor guest. We then check that we can ssh into the nested guest and verify that it's running with the right kernel command line. Signed-off-by: Samuel Ortiz <[email protected]>

Signed-off-by: Sebastien Boeuf <[email protected]>

With the VFIO crate, we can now support directly assigned PCI devices into cloud-hypervisor guests. We support assigning multiple host devices, through the --device command line parameter. This parameter takes the host device sysfs path. Fixes: #60 Signed-off-by: Samuel Ortiz <[email protected]>

sameo changed the title ~~[WIP] VFIO initial support~~ [WIP] [DNM] VFIO initial support Jun 13, 2019

sboeuf reviewed Jun 13, 2019

View reviewed changes

vfio-bindings/src/lib.rs Outdated Show resolved Hide resolved

sboeuf reviewed Jun 13, 2019

View reviewed changes

vfio/src/vfio.rs Outdated Show resolved Hide resolved

sboeuf reviewed Jun 13, 2019

View reviewed changes

vfio/src/vfio.rs Outdated Show resolved Hide resolved

sboeuf reviewed Jun 13, 2019

View reviewed changes

vfio/src/vfio.rs Outdated Show resolved Hide resolved

sboeuf reviewed Jun 13, 2019

View reviewed changes

vfio/src/vfio.rs Outdated Show resolved Hide resolved

sboeuf reviewed Jun 13, 2019

View reviewed changes

vfio/src/vfio.rs Outdated Show resolved Hide resolved

sameo force-pushed the topic/vfio branch 3 times, most recently from 0de0bf0 to ce87416 Compare June 14, 2019 14:10

sameo force-pushed the topic/vfio branch 4 times, most recently from 855efa3 to e6b4147 Compare June 24, 2019 16:45

sameo force-pushed the topic/vfio branch 6 times, most recently from da1dd9e to 64605c5 Compare July 2, 2019 23:54