| Age | Commit message (Collapse) | Author |
|---|
|
ldomctl(8) 'status' updated the value only on running guests,
i.e. stopped ones repeated the last ones instead of showing zero.
Always reset per guest before updating it, From Koakuma, thanks!
|
|
Assignable PCIe devices have a root complex path and a more descriptive
I/O slot path; example output from a T4-2:
# ldomctl list-io | head -n2
PATH NAME
/@400/@2/@0/@8 /SYS/MB/PCIE0
ldom.conf(5) `iodevice' currently accepts PATH values, which are cryptic and
completely hardware specific, whereas NAME values are obvious (partially
same across machines) and match physical slot labels ("0 PCIe2 x8") besides
information from ILOM:
/System/PCI_Devices/Add-on/Device_0 location = PCIE0 (PCIe Slot 0).
Make ldom.conf `iodevice' accept either value; internally nothing changes.
Rename struct iodev's path member to dev to clarify this further.
OK kettenis
|
|
jmc@ dislikes a comma before "then" in a conditional, so leave those
untouched.
ok jmc@
|
|
The previous wording might be understood as "leave memory unused in the
primary domain", which is precisely what causes the hypervisor to reject
the configuration since ldomctl(8) would implicitly allocate all remaining
memory for the primary domain.
Make sure that primary domain memory should be assigned explicitly so the
total amount of allocated memory is less than physically available, i.e.
the hypervisor will have even more memory available and configurations can
boot again.
OK stsp
|
|
|
|
3rd (variadic) mode_t parameter is irrelevant. Many developers in the past
have passed mode_t (0, 044, 0644, or such), which might lead future people
to copy this broken idiom, and perhaps even believe this parameter has some
meaning or implication or application. Delete them all.
This comes out of a conversation where tb@ noticed that a strange (but
intentional) pledge behaviour is to always knock-out high-bits from
mode_t on a number of system calls as a safety factor, and his bewilderment
that this appeared to be happening against valid modes (at least visually),
but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef.
ok millert
|
|
functions that take "char *" arguments. Where such chars are
assigned to int or passed to ctype functions, explicitly cast them
to unsigned char.
For OpenBSD's clang, -Wpointer-sign has been disabled by default,
but when the parse.y code was built elsewhere, the compiler would
complain.
With help from millert@
ok benno@ deraadt@
|
|
variables used here instead of using the ones from config.c.
ok deraadt@, kn@
|
|
|
|
Already declared "extern" in ldomctl.h; required for "-fno-common".
OK kettenis
|
|
This is the only object that uses it; required for "-fno-common".
OK kettenis
|
|
The current description fails to explain how to use it properly and the
error message is only helpful for people that know how ldomctl works
and/or what the Phsyical Resource Inventory is.
OK afresh1 kettenis
|
|
Quite a few users and developers (including me) were confused by how
virtual CPU strides would work.
Initial diff together with stsp, final feedback from kettenis
|
|
|
|
|
|
Contrary to other (single CPU) machines, the Oracle SPARC T4-2 machines
come with two CPUs/two PCIe root complexes instead of one.
ldomctl already accounts for this and interates over them but lacked a skip
condition when iterating over subdevices to avoid linking devices in one
complex to those in another.
This fixes a NULL dereference in "init-system" on T4-2 machines and makes
it produce working machine descriptions (.md files).
Testing and confirmation on a T4-1 that single PCIe root complex machines
still produce identical MDs with this from tracey, thanks!
Reminded by a report on bugs@ from Kokuma who also confirmed this fix on
their T4-2.
|
|
In analogy to guest domains requiring vcpu, memory and at least one
bootable device (vdisk, vnet or iodevice), the primary domain must not
be configured with vdisk, vnet or iodevice parameters; it does not make
sense to provide virtual disks or interfaces to it and PCIe devices not
assigned to guest domains automatically end up in the primary domain.
ldom.conf(5) also documents those explicitly for guest domains only.
OK tracey
|
|
Second attempt after config.c revision 1.37, this time merely delay the
"-n" test until after constraint checks have been performed such that
the PRI is still read, as required in order to get the total number of
VCPUs and memory.
OK kmos who also tested this
|
|
|
|
|
|
Domains get to define their cores and memory only once unlike vnet, vdisk
and variable parameters of which it makes sense to have more than one;
iodevices are unique my design and may only be assigned once.
OK kettenis
|
|
Total vcpu and memory are read from the PRI so constraint checks must not
be done before that, noted by kettenis.
The fact that "total_cpus" as a global variable (initialized with zero) is
always smaller than the total number of configured vcpus and the fact that
I only tested a negative example without a positive one made me jump the
trigger, sorry.
|
|
kmos noted that "-n" wouldn't bark at overallocation, only running without
it would do so.
Hoit setup code and delay the noaction bailout just after constraint checks
such that they're always done.
OK kmos
|
|
but additionally have a bootblock in the first 8K (since UFS does not use that
space). There are some UEFI direct-from-internet bootloaders that require
the name *.img. So this makes things more convenient for those, while keeping
it consistant in all architectures.
ok kettenis beck kn
|
|
|
|
Names help identify the right iodevice to be assigned in ldom.conf(5);
they directly match the structure seen in the iLOM shell, and the output
format is similar to Solaris "ldm list-io".
OK kettenis
|
|
Nothing else is needed and pri_init() actually writes to the PRI file
whereas pri_init_components() only reads (as expected in this code path).
This allows listing IO devices from PRI files that are read-only;
I noticed this by having the "factory-default" configuration protected
with the system immutable flag "schg", see chflags(1).
|
|
vnet devalias=netboot
Creates a device alias to be used in OBP:
{ok} boot netboot
This helps navigating inside guests without remembering
device paths or rather their order as specified in the config.
OK kettenis
|
|
Missed in previous commit; no breakage, the resulting MD would simply end
up without user defined device aliases.
|
|
vdisk "/var/ldom/miniroot.fs" devalias=miniroot
Creates a device alias to be used in OBP:
{ok} devlias
miniroot /virutal-devices@100/...
This helps navigating inside guests without remembering
device paths or rather their order as specified in the config.
OK kettenis
|
|
The manual lies and all options ought to be provided space
separated, on the same line as the vnet keyword.
OK kettenis
|
|
Commit below merged duplicate code into hv_config() but forgot to call the
helper function from dump().
Noticed by "ldomctl dump" returning zero, dumping both MD and PRI but
leaving the former empty, sorry.
revision 1.32
date: 2020/01/03 19:45:51; author: kn; state: Exp; lines: +69 -46;
Move code into new hv_config(), defer to commands needing it
|
|
ok tedu
|
|
Requested by Andrew Grillet
OK kettenis
|
|
Missed in previous commit
|
|
Change several instances, most of them to the usual -width Ds.
|
|
Just like amd64 vmctl(8).
Manual feedback schwarze
OK kettenis
|
|
The hypervisor transparently allocates memory it needs, but the specific
amount is machine dependent and not always documented or known.
Mention these details to prevent users from overcommitting memroy in their
configuration.
|
|
Each guest needs vcpu and memory, otherwise it is invalid.
Each guest also needs at least one of vdisk, vnet or iodevice,
otherwise it has nothing to boot from.
OK kettenis
|
|
OK kettenis
|
|
If the given domain was already specified, do not bother allocating and
initialising it.
No function change.
|
|
|
|
|
|
Since the domain name is mandatory for "ldomctl console ...",
gid is always set and guaranteed to be greater than zero.
OK kettenis
|
|
"ldomctl init-system -n ldom.conf" only parses the configuration file
and exits; it is usable as unprivileged user, no devices are opened.
OK kettenis
|
|
This moves setup code from main() into its own function so instead of
upfront it can be used only when and where needed.
With the exception of `create-vdisk' all currently open /dev/hvctl; for
that command I added a rather quirky goto to avoid this unneeded step,
but `list-io' for example does not need /dev/hvctl at all either.
So instead of adding more quirks, split as per above and clearly call
hv_config() from the commands that *do* require it.
This also effectively defers such privileged operations after all argv[]
parsing is done, that is the code fails earlier on invalid input without
file I/O for nothing.
With that in, I can easily add more commands not requiring hvctl access,
e.g. a dry-run configuration check.
OK kettenis
|
|
|
|
Users must not not be able to transfer files from the local hypervisor
filesystem to VMs/LDOMs, especially since the "vmctl/ldomctl console ..."
might be run as root.
Disable all relevant escape sequences and cause cu to run under "stdio tty"
pledge by using -r.
OK deraadt mlarkin
|
|
ok kn
|
|
"looks better" deraadt
Ok kettenis
|
