| Age | Commit message (Collapse) | Author |
|---|
|
Initializes the %drX registers to power on defaults, and bump the VM
send/recieve header to reflect same
discussed with deraadt@
|
|
if a bootdevice was forced. This implements both the pure IO port interface
and also the new DMA interface, a few direct commands are implemented which
are needed but in general the "file" interface should be used. There is no
write support for the guest. Tested against the latest vmm-firmware port.
This requires also a -current kernel to pass the IO ports to vmd(8).
OK mlarkin@ ccardenas@
|
|
currently only when booting a OpenBSD kernel. If VMBOOTDEV_NET is used the
internal dhcp server will pass "auto_install" as boot file to the client and
the boot loader passes the MAC of the first interface to the kernel to indicate
PXE booting. Adding boot order support to SeaBIOS is not yet implemented.
Ok ccardenas@
|
|
vmctl peerid that should be informed when the VM is stopped (like when the
guest does a shutdown). Uses the same logic as using the VMOP_WAIT flag on
IMSG_VMDOP_TERMINATE_VM_REQUEST.
Ok ccardenas@, reyk@
|
|
This means that when using '-L', the IP addresses of the VMs are stable.
ok reyk@
|
|
ok & test ccardenas@, additional review from kn@
|
|
The -i option to vmctl create (eg. vmctl create output.qcow2 -i input.img)
lets you create a new image from an input file and convert it if it is a
different format. This allows to convert qcow2 images from raw images,
raw from qcow2, or even qcow2 from qcow2 and raw from raw to re-optimize
the disk.
This re-uses Ori's vioqcow2.c from vmd by reaching into it and
compiling it in. The API has been adjust to be used from both vmctl
and vmd accordingly.
OK mlarkin@
|
|
This looping has been experienced by people who run VMs with a broken
kernel or boot loader that trigger a very fast reboot loop (triple
fault) of a VM that ends up using a lot of CPU and resources on the
host. Some fixes in vmm(4) and vmd(8) helped to avoid such conditions
but it can still occur if something is wrong in the guest VM itself.
If the VM restarts after less than VM_START_RATE_SEC (6) seconds, we
increment the limit counter. After VM_START_RATE_LIMIT (3) of suchs
fast reboots the VM is stopped.
There are only very few people who intentionally want to reboot-loop a
VM very quickly (many times within a second); mostly for fuzzing.
They will have to recompile and adjust the stated #defines in the code
as we don't have a config option to disable it.
OK mlarkin@
|
|
This works is from Ori Bernstein, committing on his behalf:
Add support to vmd for external snapshots. That is, snapshots that are
derived from a base image. Data lookups start in the derived image,
and if the derived image does not contain some data, the search
proceeds ot the base image. Multiple derived images may exist off of
a single base image.
A limitation of this format is that modifying the base image will
corrupt the derived image.
This change also adds support for creating disk derived disk images to
vmctl. To use it:
vmctl create derived.qcow2 -s 16G -b base.qcow2
From Ori Bernstein
OK mlarkin@ reyk@
|
|
This makes the "-d qcow2:" and "format qcow" arguments optional as vmctl
and vmd will read the magic bytes at the beginning of a file to guess if
it is a raw or a qcow image file.
The "vmctl create" command has been changed by removing the -f qcow2 option
and replacing it with the same syntax as -d: "vmctl create qcow2:foo.img".
In a slightly ununixy but intended way, the create command now also
considers the file extension for the format as "vmctl create foo.qcow2"
creates a qcow2 disk and not a raw image file.
Ok mlarkin@ (and ccardenas@ on an earlier version of the diff)
|
|
OK mlarkin@
|
|
Users are able to declare disk images as 'raw' or 'qcow2' using either
vmctl and vm.conf. The default disk image format is 'raw' if not specified.
Examples of using disk format:
vmctl start bsd -Lc -r cd64.iso -d qcow2:current.qc2
or
vmctl start bsd -Lc -r cd64.iso -d raw:current.raw
is equivalent to
vmctl start bsd -Lc -r cd64.iso -d current.raw
in vm.conf
vm "current" {
disable
memory 2G
disk "/home/user/vmm/current.qc2" format "qcow2"
interface { switch "external" }
}
or
vm "current" {
disable
memory 2G
disk "/home/user/vmm/current.raw" format "raw"
interface { switch "external" }
}
is equivlanet to
vm "current" {
disable
memory 2G
disk "/home/user/vmm/current.raw"
interface { switch "external" }
}
Tested by many.
Big Thanks to Ori Bernstein.
|
|
The limits are currently hard-coded and undocumented (4 CPUs/VMs, 2G
memory, 8 interfaces) but will be configurable in an upcoming diff.
These limits are tracked in total usage; for example, a user will be
able to run up to 4 VMs with 512M of memory or a single VM with 2G.
OK ccardenas@ mlarkin@
|
|
This prevents time of TOCTOU attacks for instances.
OK mlarkin@
|
|
This allows users to create VM instances and change desired options,
for example a user can be allowed to run a VM with all the
pre-configured options but specify an own disk image.
(mlarkin@ was fine with iterating over it)
OK ccardenas@
|
|
This introduces new grammar and the -t optional in vmctl start.
(For now, only root can create VM instances; but it is planned to allow
users to create their own VMs based on permissions and quota.)
OK ccardenas@ mlarkin@ jmc@
|
|
Use it in /etc/rc.d/vmd accordingly.
OK sthen@
|
|
This also fixes a bug in vmm_sighdlr where it might have missed
forwarding the TERMINATE_EVENT to the vmd parent after a VM child
died, leading to an abandoned VM in the vmd parent process.
OK ccardenas@ mlarkin@ benno@ kn@
|
|
Replace all occurences of dprintf with DPRINTF (defined in proc.h).
|
|
- Turn tracing messages into DPRINTF (only compiled with DEBUG).
- Pass __func__ to vm_stop and vm_remove: this way we can track who
called the function in the async context. It replaces the manual
log_debug in front of each vm_stop/vm_remove. This debug logging
trick can be removed in the future once we are more confident about
it.
OK ccardenas@ mlarkin@
|
|
ok kettenis
|
|
This allows to open vmctl control or console access to other users
that are not in group wheel. Access for non-root users still defaults
to read-only actions unless you change the owner (user/group) of each
individual VM.
Requested by Mischa Peters
OK mlarkin@
|
|
ok guenther
|
|
* Adds 'cdrom' keyword to vm.conf(5) and '-r' to vmctl(8)
* Support various sized ISOs (Limitation of 4G ISOs on Linux guests)
* Known working guests: OpenBSD (primary), Alpine Linux (primary),
CentOS 6 (secondary), Ubuntu 17.10 (secondary).
NOTE: Secondary indicates some issue(s) preventing full/reliable
functionality outside the scope of the vioscsi work.
* If the attached disks are non-bootable (i.e. empty), SeaBIOS (vmd's
default BIOS) will boot from CD-ROM.
ok mlarkin@, jca@
|
|
etc) from underlying switch interface instead of handling this on its
own.
Diff from carlos cardenas, Thanks!
ok reyk@
|
|
/etc/hostname.bridge* files, and specify which bridge to use for a given
virtual switch in vm.conf.
diff from Carlos Cardenas, thanks
|
|
iovec_mem() populates an iovec array based on guest physical
addresses. this allows the use of things like readv and writev for
moving data between the guest and a disk image file without having
to bounce the memory.
vaddr_mem() provides a vmd usable pointer based on a guests physical
address. this makes it possible to directly reference things like
virtio rings without having to bounce that memory either. however,
it assumes that a contiguous range of guest physical memory will
sit in a single vm memory range. mlarkin@ says this is right.
ok mlarkin@
|
|
they make bit fiddling easier to read in later diffs.
ok mlarkin@
|
|
diff provided by Carlos Cardenas, thanks
|
|
These don't work today and present the user with a confusing error
message if an attempt is made to use them. This commit detects attempts
to use block or character devices and if detected, presents the user with
a better message.
ok jasper
From Carlos Cardenas, thanks!
|
|
This restricts receiving vms from hosts with more cpu features.
Tested on
broadwell -> skylake (works)
skylake -> broadwell (don't work)
ok mlarkin@
|
|
vmctl so that it can display proper errors for "disk missing" and "bios
missing" situations. Expands on an earlier idea/diff from jasper.
ok jasper@, pd@, tedu@
|
|
ok reyk@ and mlarkin@
|
|
With help from Ashwin Agrawal
ok reyk@ mlarkin@
|
|
to begin with anyways.
|
|
async io operations. ok mlarkin
|
|
OK mlarkin@
|
|
This allows to configure VM interfaces and switches in individual rdomains.
OK mlarkin@
|
|
The default prefix is 100.64.0.0/10 from RFC6598.
Requested by sthen@ chris@
OK mlarkin@
|
|
When a local interface is configured, vmd configures a /31 address on
the tap(4) interface of the host and provides another IP in the same
subnet via DHCP (BOOTP) to the VM. vmd runs an internal BOOTP server
that replies with IP, gateway, and DNS addresses to the VM. The
built-in server only ever responds to the VM on the inside and cannot
leak its DHCP responses to the outside.
Thanks to Uwe Werler, Josh Grosse, and some others for testing!
OK deraadt@
|
|
Each VM has two IDs: one from the kernel (vmm) and a different one
from userland (vmd). The vmm ID is not consistent and incremented on
every boot during runtimg of the host system. The vmd ID remains the
same during the lifetime of a configured VM, even after reboots.
Configured VMs will even get and keep their IDs when the configuration
is loaded. This is more what users expect.
Pointed out and tested by otto@
OK deraadt@
|
|
Instead of using the internal "vmboot", VMs will now be booted using
the external BIOS firmware in /etc/firmware/vmm-bios (which is subject
to a LGPLv3 license). Direct booting of OpenBSD kernels or
non-default BIOS images is still supported for now using the -b/boot
option that is replacing the -k/kernel option.
As requested by Theo, vmd(8) fails if neither the default BIOS is
found nor a kernel has been specified in the VM configuration. The
"vmm" BIOS has to be installed using fw_update(1), which will be done
automatically in most cases where the OpenBSD can fetch it after
install/upgrade.
OK mlarkin@
|
|
This change handles various cases to power off the VM, even if it is
unresponsive, stuck in ddb, or when the shutdown was initiated from
the VM guest side. Usage of timeout and VM ACKs make sure that the VM
is really turned off at some point.
OK mlarkin@
|
|
This is especially useful when multiple VMs share a switch, the
implementation is independent from the underlying switch or bridge.
no objections mlarkin@
|
|
As discussed with mlarkin@, it makes it easier to maintain the file.
OK mlarkin@
|
|
This allows matching users to start or stop VMs that they "own" and to
access the console accordingly.
OK mlarkin@
|
|
This allows more flexibility for upcoming changes and better pledge.
We also didn't use half of the features of libutil's openpty function.
Additionally, make sure that the ttys are closed correctly on shutdown.
OK gilles@
|
|
The semantics agreed with reyk@ are:
* ad-hoc created vms, created with `vmctl start`, are removed once stopped.
* Stopped VMs defined in a config file are flushed before a `vmctl reload`.
OK reyk@
|
|
It currently uses the device to request graceful shutdown of a VM on
"vmctl stop myvm" but will be extended for reboot and a other edge cases.
OK mlarkin@
|
|
For now, this is only used to forward "log verbose|brief" requests,
but it will be used for better things later.
OK mlarkin@
|
