Open
Conversation
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #5786 +/- ##
==========================================
- Coverage 83.04% 82.97% -0.08%
==========================================
Files 276 276
Lines 29466 29580 +114
==========================================
+ Hits 24471 24544 +73
- Misses 4995 5036 +41
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
ApiServerAdapter has a handle_request() method for dispatching requests received from the API thread to the right handler. This method is called from inside EventManager::run() which takes &mut self as an argument. This can be problematic if we want to modify the EventManager object from inside handle_request(). Work around that by having ApiServerAdapter::process() store the request but not call handle_request(). EventManager::run() returns after handling each event. Call handle_request() after EventManager::run() in the event loop. In a subsequent patch, handle_request() will take a &mut EventManager as an argument. Signed-off-by: Ilias Stamatis <ilstam@amazon.com>
The handle_request() function will soon need access to the EventManager in order to add and remove new objects to support device hot-plugging. Pass a mutable reference of EventManager to handle_request() in preparation of that. Signed-off-by: Ilias Stamatis <ilstam@amazon.com>
Pmem::alloc_region() panics if it fails to allocate the address range it needs. That is especially problematic for hot-plugging support, since it means failing to attach a device would kill the entire VM. Remove the unwrap and introduce a new error code that is propagated to the caller in case of failure. Signed-off-by: Ilias Stamatis <ilstam@amazon.com>
The EntropyDevice and PmemDevice error names are inconsistent with the error names used for all other devices all of which use the Config suffix. Rename them to EntropyConfig and PmemConfig for consistency. Signed-off-by: Ilias Stamatis <ilstam@amazon.com>
Firecracker has been rejecting device attach API requests after the VM was started until now. Add hot-plugging for Block, Pmem and Net PCIe devices. This enables the relevant API calls and attaches the device to the PCIe "bus". No notification is delivered to the guest at the moment to notify it that a new device has been added. The guest has to manually rescan the bus in order to detect new devices. Signed-off-by: Ilias Stamatis <ilstam@amazon.com>
The device hotplug path creates devices after boot, when seccomp filters are already active. This requires allowing syscalls that were previously only called during boot before seccomp was installed. Add the following to the vmm thread filter: - timerfd_create: RateLimiter creates a TimerFd for each new device - ioctl(KVM_IOEVENTFD): registering ioeventfds for virtqueue notification - ioctl(TUNSETIFF): opening tap device for net hotplug - ioctl(TUNSETOFFLOAD): configuring tap offload for net hotplug - ioctl(TUNSETVNETHDRSZ): setting vnet header size for net hotplug - mmap(MAP_SHARED|MAP_NORESERVE): pmem backing file mapping - mmap(MAP_PRIVATE|MAP_NORESERVE|MAP_ANONYMOUS): pmem aligned region - mmap(MAP_SHARED|MAP_NORESERVE|MAP_FIXED): pmem file overlay mapping - mmap(MAP_SHARED|MAP_FIXED): IovDeque ring buffer for net device - memfd_create: IovDeque ring buffer for net device - fcntl(F_ADD_SEALS): IovDeque memfd sealing for net device Signed-off-by: Ilias Stamatis <ilstam@amazon.com>
Add unit tests for testing the possible failure modes of hotplugging different classes of devices. Signed-off-by: Ilias Stamatis <ilstam@amazon.com>
Add integration tests for block, pmem and net hotplugging. The tests require a manual PCI bus rescan at the moment since no hotplug notification mechanism is implemented at the moment. Signed-off-by: Ilias Stamatis <ilstam@amazon.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add PCI hotplug support. No hotplug notification mechanism is implemented yet, so the the guest needs to rescan the PCI "bus" manually in order to see new attachments.
License Acceptance
By submitting this pull request, I confirm that my contribution is made under
the terms of the Apache 2.0 license. For more information on following Developer
Certificate of Origin and signing off your commits, please check
CONTRIBUTING.md.PR Checklist
tools/devtool checkbuild --allto verify that the PR passesbuild checks on all supported architectures.
tools/devtool checkstyleto verify that the PR passes theautomated style checks.
how they are solving the problem in a clear and encompassing way.
in the PR.
CHANGELOG.md.Runbook for Firecracker API changes.
integration tests.
TODO.rust-vmm.