| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Previous change to allow overriding changed the way we parsed and
stored the boot image path. The lifetime of the path was...much too
short. Heap allocate the kernel path.
Found by Mischa Peters.
ok mlarkin@
|
|
|
|
vmd allows non-root users to "own" a vm defined in vm.conf(5). While
the user can start/stop the vm, if they break their filesystem they
have no means of booting recovery media like a ramdisk kernel.
This change opens the provided boot kernel via vmctl and passes the
file descriptor through the control channel to vmd. The next boot
of the vm will use the provided file descriptor as boot kernel/bios.
Subsequent boots (e.g. a reboot) will return to using behavior
defined in vm.conf or the default bios image.
ok mlarkin@
|
|
No functional change. virtio block/networking emulation do not need
to know about vmm or any kernel types.
|
|
Add explicit default labels in switch() statements with error handling.
Right now these are not reachable. Should also clear some gcc warnings.
OK tb@
|
|
Right now these are not reachable. Should also clear some gcc warnings.
OK tb@
|
|
Isolate virtio network and block device emulation in dedicated
processes, forked and exec'd from the vm process. This allows for
tightening pledge promises to just "stdio".
Communication between the vcpu's and these devices now occurs via
imsg channels, which adds the benefit of not always blocking the
vcpu thread while emulating the device.
With this commit, it's possible that vmd is the first open source
hypervisor that *defaults* to a multi-process device emulation
model without requiring any additional configuration from the
operator.
Testing help from phessler@ and Mischa Peters.
ok mlarkin@
|
|
so update rad(8) to the new ones.
OK florian@
|
|
|
|
rather than always getting the current system time for every certificate
verification. This will result in output that is not variable on run-time.
ok tb@ claudio@
|
|
Much rejoice from tb@ and job@
OK tb@
|
|
This is intended to be able to test rpki-client in a reproducable
way without worrying about the system time changing the results
ok claudio@
|
|
|
|
and return -1 in json_do_finish().
tb@ thinks this is not to horrible
|
|
OK tb@
|
|
applicable provider
Reported by Ties de Kock
OK claudio@
|
|
|
|
Needed for bison.
|
|
|
|
OK claudio@
|
|
"please fix" json
|
|
This fixes some wrong accounting for repositories that are referenced
from more than one TAL. It changes the ometric lable output a little bit
since there are repository metrics that no longer include the 'name' label.
OK tb@
|
|
|
|
OK martijn@
|
|
Finally! We can remove kernel headers from vmctl.
ok mlarkin@
|
|
The object sent to vmm(4) contained file paths and details the
kernel does not need for cpu virtualization as device emulation is
in userland. Effectively, "pull up" the struct members from the
vm_create_params struct to the parent vmop_create_params struct.
This allows us to clean up some of vmd(8) and simplify things for
switching to having vmctl(8) open the "kernel" file (SeaBIOS, bsd.rd,
etc.) to allow users to boot recovery ramdisk kernels.
ok mlarkin@
|
|
media.
No functional change to existing behaviour.
|
|
first (DIR_VALID) but perfer the 2nd (DIR_TEMP) since this allows
rpki-client to move the equal files from .rrdp back into the valid
repo tree and so there are less unaccounted files for.
Problem noticed by and OK job@
|
|
/var/log/{messages,daemon} logs ENOENT as error on default configless vmd.
Only complain on explicitly passed files and print a debug hint under `-vv'
in case someone forgot to populate their /etc/vm.conf.
OK dv mlarkin
|
|
|
|
filesystem in the specified kernel.
No behaviour change to existing uses of rdsetroot.
Improved option handling & ok kn@
|
|
other
OK claudio@
|
|
Use execvp(2) to launch vm children with new address spaces.
Consequently, introduces use of unveil(2) into the vmm and vm
processes.
This imposes the requirement of launching vmd with absolute paths,
similar to sshd(8).
ok mlarkin@
|
|
from the very similar 'network show'.
|
|
OK tb@
|
|
prefix/rib dump functions.
OK tb@
|
|
OK tb@ jmc@
|
|
|
|
Moving some of the virtio devices to zero-copy approaches required
tracking the host-side virtual address for the gpa of virtqueues.
Upon a send/receive they are invalid as the restoring system will
most likely use a different address space layout.
Recompute the hva's on receive and NULL them on send.
ok mlarkin@
|
|
introduced with flowspec.
OK tb@
|
|
|
|
OK tb@
|
|
OK tb@
|
|
ASPA provider AS sets can include optional limitations to inet/inet6 these
limits are represented in the TAS_AID bit masks (2bits per AS).
Introduce a TAS_AID_SIZE() makro that returns the size in bytes of this
bit mask (rounded to the next uint32_t).
Without this change aspa objects with AID specific elements trigger a
fatal error condition when the config is loaded.
OK tb@ job@
|
|
|
|
other AFI
OK claudio@
|
|
This uses the flowspec.c file from bgpd and implements the output
for flowspec only for the text printer for now. That code uses a lot
of code from printconf.c
OK tb@
|
|
IMSG_FLOWSPEC_ADD and IMSG_FLOWSPEC_REMOVE received from bgpctl via SE.
OK tb@
|
|
Input and OK jmc@ tb@
|
