diff --git a/.github/workflows/commit-message-check.yaml b/.github/workflows/commit-message-check.yaml index c76ac1abed..a4852c0798 100644 --- a/.github/workflows/commit-message-check.yaml +++ b/.github/workflows/commit-message-check.yaml @@ -10,7 +10,7 @@ env: error_msg: |+ See the document below for help on formatting commits for the project. - https://github.com/kata-containers/community/blob/master/CONTRIBUTING.md#patch-format + https://github.com/kata-containers/community/blob/main/CONTRIBUTING.md#patch-format jobs: commit-message-check: diff --git a/docs/how-to/run-kata-with-k8s.md b/docs/how-to/run-kata-with-k8s.md index 29d7309876..fd53838b88 100644 --- a/docs/how-to/run-kata-with-k8s.md +++ b/docs/how-to/run-kata-with-k8s.md @@ -104,26 +104,69 @@ $ sudo kubeadm init --ignore-preflight-errors=all --cri-socket /run/containerd/c $ export KUBECONFIG=/etc/kubernetes/admin.conf ``` -You can force Kubelet to use Kata Containers by adding some `untrusted` -annotation to your pod configuration. In our case, this ensures Kata -Containers is the selected runtime to run the described workload. +### Allow pods to run in the master node -`nginx-untrusted.yaml` -```yaml -apiVersion: v1 -kind: Pod +By default, the cluster will not schedule pods in the master node. To enable master node scheduling: +```bash +$ sudo -E kubectl taint nodes --all node-role.kubernetes.io/master- +``` + +### Create runtime class for Kata Containers + +Users can use [`RuntimeClass`](https://kubernetes.io/docs/concepts/containers/runtime-class/#runtime-class) to specify a different runtime for Pods. + +```bash +$ cat > runtime.yaml < Note: Kata Containers supports creating VM sandboxes with Intel® SGX enabled -> using [cloud-hypervisor](https://github.com/cloud-hypervisor/cloud-hypervisor/) VMM only. QEMU support is waiting to get the -> Intel SGX enabled QEMU upstream release. - -## Installation - -### Kata Containers Guest Kernel - -Follow the instructions to [setup](../../tools/packaging/kernel/README.md#setup-kernel-source-code) and [build](../../tools/packaging/kernel/README.md#build-the-kernel) the experimental guest kernel. Then, install as: - -```sh -$ sudo cp kata-linux-experimental-*/vmlinux /opt/kata/share/kata-containers/vmlinux.sgx -$ sudo sed -i 's|vmlinux.container|vmlinux.sgx|g' \ - /opt/kata/share/defaults/kata-containers/configuration-clh.toml -``` +> using [cloud-hypervisor](https://github.com/cloud-hypervisor/cloud-hypervisor/) and [QEMU](https://www.qemu.org/) VMMs only. ### Kata Containers Configuration @@ -48,6 +35,8 @@ to the `sandbox` are: `["io.katacontainers.*", "sgx.intel.com/epc"]`. With the following sample job deployed using `kubectl apply -f`: +> Note: Change the `runtimeClassName` option accordingly, only `kata-clh` and `kata-qemu` support Intel® SGX. + ```yaml apiVersion: batch/v1 kind: Job diff --git a/src/runtime/virtcontainers/container.go b/src/runtime/virtcontainers/container.go index eaf9a12311..1da33814e2 100644 --- a/src/runtime/virtcontainers/container.go +++ b/src/runtime/virtcontainers/container.go @@ -12,6 +12,7 @@ import ( "os" "path/filepath" "strconv" + "strings" "syscall" "time" @@ -1060,7 +1061,18 @@ func (c *Container) signalProcess(ctx context.Context, processID string, signal return fmt.Errorf("Container not ready, running or paused, impossible to signal the container") } - return c.sandbox.agent.signalProcess(ctx, c, processID, signal, all) + // kill(2) method can return ESRCH in certain cases, which is not handled by containerd cri server in container_stop.go. + // CRIO server also doesn't handle ESRCH. So kata runtime will swallow it here. + var err error + if err = c.sandbox.agent.signalProcess(ctx, c, processID, signal, all); err != nil && + strings.Contains(err.Error(), "ESRCH: No such process") { + c.Logger().WithFields(logrus.Fields{ + "container": c.id, + "process-id": processID, + }).Warn("signal encounters ESRCH, process already finished") + return nil + } + return err } func (c *Container) winsizeProcess(ctx context.Context, processID string, height, width uint32) error { diff --git a/src/runtime/virtcontainers/container_test.go b/src/runtime/virtcontainers/container_test.go index b41fcc1089..eddf8ed701 100644 --- a/src/runtime/virtcontainers/container_test.go +++ b/src/runtime/virtcontainers/container_test.go @@ -86,7 +86,7 @@ func TestContainerRemoveDrive(t *testing.T) { sandbox := &Sandbox{ ctx: context.Background(), id: "sandbox", - devManager: manager.NewDeviceManager(manager.VirtioSCSI, false, "", nil), + devManager: manager.NewDeviceManager(config.VirtioSCSI, false, "", nil), config: &SandboxConfig{}, } @@ -320,7 +320,7 @@ func TestContainerAddDriveDir(t *testing.T) { sandbox := &Sandbox{ ctx: context.Background(), id: testSandboxID, - devManager: manager.NewDeviceManager(manager.VirtioSCSI, false, "", nil), + devManager: manager.NewDeviceManager(config.VirtioSCSI, false, "", nil), hypervisor: &mockHypervisor{}, agent: &mockAgent{}, config: &SandboxConfig{ diff --git a/src/runtime/virtcontainers/device/config/config.go b/src/runtime/virtcontainers/device/config/config.go index 69be4f5832..48280092d6 100644 --- a/src/runtime/virtcontainers/device/config/config.go +++ b/src/runtime/virtcontainers/device/config/config.go @@ -51,7 +51,7 @@ const ( // VirtioBlock means use virtio-blk for hotplugging drives VirtioBlock = "virtio-blk" - // VirtioBlockCCW means use virtio-blk for hotplugging drives + // VirtioBlockCCW means use virtio-blk-ccw for hotplugging drives VirtioBlockCCW = "virtio-blk-ccw" // VirtioSCSI means use virtio-scsi for hotplugging drives @@ -72,6 +72,12 @@ const ( VirtioFSNydus = "virtio-fs-nydus" ) +const ( + // Define the string key for DriverOptions in DeviceInfo struct + FsTypeOpt = "fstype" + BlockDriverOpt = "block-driver" +) + const ( // The OCI spec requires the major-minor number to be provided for a // device. We have chosen the below major numbers to represent @@ -97,7 +103,7 @@ var getSysDevPath = getSysDevPathImpl // DeviceInfo is an embedded type that contains device data common to all types of devices. type DeviceInfo struct { // DriverOptions is specific options for each device driver - // for example, for BlockDevice, we can set DriverOptions["blockDriver"]="virtio-blk" + // for example, for BlockDevice, we can set DriverOptions["block-driver"]="virtio-blk" DriverOptions map[string]string // Hostpath is device path on host diff --git a/src/runtime/virtcontainers/device/config/pmem.go b/src/runtime/virtcontainers/device/config/pmem.go index 81d1da9b57..44fd321873 100644 --- a/src/runtime/virtcontainers/device/config/pmem.go +++ b/src/runtime/virtcontainers/device/config/pmem.go @@ -81,8 +81,8 @@ func PmemDeviceInfo(source, destination string) (*DeviceInfo, error) { fstype = "ext4" } - pmemLog.WithField("fstype", fstype).Debug("filesystem for mount point") - device.DriverOptions["fstype"] = fstype + pmemLog.WithField(FsTypeOpt, fstype).Debug("filesystem for mount point") + device.DriverOptions[FsTypeOpt] = fstype return device, nil } diff --git a/src/runtime/virtcontainers/device/drivers/block.go b/src/runtime/virtcontainers/device/drivers/block.go index ce7eaceda1..faaadf32c9 100644 --- a/src/runtime/virtcontainers/device/drivers/block.go +++ b/src/runtime/virtcontainers/device/drivers/block.go @@ -70,13 +70,13 @@ func (device *BlockDevice) Attach(ctx context.Context, devReceiver api.DeviceRec ReadOnly: device.DeviceInfo.ReadOnly, } - if fs, ok := device.DeviceInfo.DriverOptions["fstype"]; ok { + if fs, ok := device.DeviceInfo.DriverOptions[config.FsTypeOpt]; ok { drive.Format = fs } customOptions := device.DeviceInfo.DriverOptions if customOptions == nil || - customOptions["block-driver"] == "virtio-scsi" { + customOptions[config.BlockDriverOpt] == config.VirtioSCSI { // User has not chosen a specific block device type // Default to SCSI scsiAddr, err := utils.GetSCSIAddress(index) @@ -85,15 +85,15 @@ func (device *BlockDevice) Attach(ctx context.Context, devReceiver api.DeviceRec } drive.SCSIAddr = scsiAddr - } else if customOptions["block-driver"] != "nvdimm" { + } else if customOptions[config.BlockDriverOpt] != config.Nvdimm { var globalIdx int - switch customOptions["block-driver"] { - case "virtio-blk": + switch customOptions[config.BlockDriverOpt] { + case config.VirtioBlock: globalIdx = index - case "virtio-blk-ccw": + case config.VirtioBlockCCW: globalIdx = index - case "virtio-mmio": + case config.VirtioMmio: //With firecracker the rootfs for the VM itself //sits at /dev/vda and consumes the first index. //Longer term block based VM rootfs should be added @@ -111,7 +111,7 @@ func (device *BlockDevice) Attach(ctx context.Context, devReceiver api.DeviceRec drive.VirtPath = filepath.Join("/dev", driveName) } - deviceLogger().WithField("device", device.DeviceInfo.HostPath).WithField("VirtPath", drive.VirtPath).Infof("Attaching %s device", customOptions["block-driver"]) + deviceLogger().WithField("device", device.DeviceInfo.HostPath).WithField("VirtPath", drive.VirtPath).Infof("Attaching %s device", customOptions[config.BlockDriverOpt]) device.BlockDrive = drive if err = devReceiver.HotplugAddDevice(ctx, device, config.DeviceBlock); err != nil { return err diff --git a/src/runtime/virtcontainers/device/drivers/vhost_user_blk.go b/src/runtime/virtcontainers/device/drivers/vhost_user_blk.go index 39dd2bd239..4a495c9d51 100644 --- a/src/runtime/virtcontainers/device/drivers/vhost_user_blk.go +++ b/src/runtime/virtcontainers/device/drivers/vhost_user_blk.go @@ -100,14 +100,14 @@ func isVirtioBlkBlockDriver(customOptions map[string]string) bool { if customOptions == nil { // User has not chosen a specific block device type // Default to SCSI - blockDriverOption = "virtio-scsi" + blockDriverOption = config.VirtioSCSI } else { - blockDriverOption = customOptions["block-driver"] + blockDriverOption = customOptions[config.BlockDriverOpt] } - if blockDriverOption == "virtio-blk" || - blockDriverOption == "virtio-blk-ccw" || - blockDriverOption == "virtio-mmio" { + if blockDriverOption == config.VirtioBlock || + blockDriverOption == config.VirtioBlockCCW || + blockDriverOption == config.VirtioMmio { return true } diff --git a/src/runtime/virtcontainers/device/manager/manager.go b/src/runtime/virtcontainers/device/manager/manager.go index 195187ba82..9a5bba2604 100644 --- a/src/runtime/virtcontainers/device/manager/manager.go +++ b/src/runtime/virtcontainers/device/manager/manager.go @@ -21,19 +21,6 @@ import ( "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" ) -const ( - // VirtioMmio indicates block driver is virtio-mmio based - VirtioMmio string = "virtio-mmio" - // VirtioBlock indicates block driver is virtio-blk based - VirtioBlock string = "virtio-blk" - // VirtioBlockCCW indicates block driver is virtio-blk-ccw based - VirtioBlockCCW string = "virtio-blk-ccw" - // VirtioSCSI indicates block driver is virtio-scsi based - VirtioSCSI string = "virtio-scsi" - // Nvdimm indicates block driver is nvdimm based - Nvdimm string = "nvdimm" -) - var ( // ErrIDExhausted represents that devices are too many // and no more IDs can be generated @@ -69,16 +56,16 @@ func NewDeviceManager(blockDriver string, vhostUserStoreEnabled bool, vhostUserS vhostUserStorePath: vhostUserStorePath, devices: make(map[string]api.Device), } - if blockDriver == VirtioMmio { - dm.blockDriver = VirtioMmio - } else if blockDriver == VirtioBlock { - dm.blockDriver = VirtioBlock - } else if blockDriver == Nvdimm { - dm.blockDriver = Nvdimm - } else if blockDriver == VirtioBlockCCW { - dm.blockDriver = VirtioBlockCCW + if blockDriver == config.VirtioMmio { + dm.blockDriver = config.VirtioMmio + } else if blockDriver == config.VirtioBlock { + dm.blockDriver = config.VirtioBlock + } else if blockDriver == config.Nvdimm { + dm.blockDriver = config.Nvdimm + } else if blockDriver == config.VirtioBlockCCW { + dm.blockDriver = config.VirtioBlockCCW } else { - dm.blockDriver = VirtioSCSI + dm.blockDriver = config.VirtioSCSI } drivers.AllPCIeDevs = make(map[string]bool) @@ -132,13 +119,13 @@ func (dm *deviceManager) createDevice(devInfo config.DeviceInfo) (dev api.Device if devInfo.DriverOptions == nil { devInfo.DriverOptions = make(map[string]string) } - devInfo.DriverOptions["block-driver"] = dm.blockDriver + devInfo.DriverOptions[config.BlockDriverOpt] = dm.blockDriver return drivers.NewVhostUserBlkDevice(&devInfo), nil } else if isBlock(devInfo) { if devInfo.DriverOptions == nil { devInfo.DriverOptions = make(map[string]string) } - devInfo.DriverOptions["block-driver"] = dm.blockDriver + devInfo.DriverOptions[config.BlockDriverOpt] = dm.blockDriver return drivers.NewBlockDevice(&devInfo), nil } else { deviceLogger().WithField("device", devInfo.HostPath).Info("Device has not been passed to the container") diff --git a/src/runtime/virtcontainers/device/manager/manager_linux_test.go b/src/runtime/virtcontainers/device/manager/manager_linux_test.go index 78773fc5c2..b47a38c0ad 100644 --- a/src/runtime/virtcontainers/device/manager/manager_linux_test.go +++ b/src/runtime/virtcontainers/device/manager/manager_linux_test.go @@ -31,7 +31,7 @@ func TestAttachVhostUserBlkDevice(t *testing.T) { tmpDir, err := os.MkdirTemp("", "") dm := &deviceManager{ - blockDriver: VirtioBlock, + blockDriver: config.VirtioBlock, devices: make(map[string]api.Device), vhostUserStoreEnabled: true, vhostUserStorePath: tmpDir, diff --git a/src/runtime/virtcontainers/device/manager/manager_test.go b/src/runtime/virtcontainers/device/manager/manager_test.go index f0d7ef974d..8e1b8ec4bf 100644 --- a/src/runtime/virtcontainers/device/manager/manager_test.go +++ b/src/runtime/virtcontainers/device/manager/manager_test.go @@ -26,7 +26,7 @@ const dirMode = os.FileMode(0750) | os.ModeDir func TestNewDevice(t *testing.T) { dm := &deviceManager{ - blockDriver: VirtioBlock, + blockDriver: config.VirtioBlock, devices: make(map[string]api.Device), } savedSysDevPrefix := config.SysDevPrefix @@ -96,7 +96,7 @@ func TestNewDevice(t *testing.T) { func TestAttachVFIODevice(t *testing.T) { dm := &deviceManager{ - blockDriver: VirtioBlock, + blockDriver: config.VirtioBlock, devices: make(map[string]api.Device), } tmpDir, err := os.MkdirTemp("", "") @@ -155,7 +155,7 @@ func TestAttachVFIODevice(t *testing.T) { func TestAttachGenericDevice(t *testing.T) { dm := &deviceManager{ - blockDriver: VirtioBlock, + blockDriver: config.VirtioBlock, devices: make(map[string]api.Device), } path := "/dev/tty2" @@ -180,7 +180,7 @@ func TestAttachGenericDevice(t *testing.T) { func TestAttachBlockDevice(t *testing.T) { dm := &deviceManager{ - blockDriver: VirtioBlock, + blockDriver: config.VirtioBlock, devices: make(map[string]api.Device), } path := "/dev/hda" @@ -203,7 +203,7 @@ func TestAttachBlockDevice(t *testing.T) { assert.Nil(t, err) // test virtio SCSI driver - dm.blockDriver = VirtioSCSI + dm.blockDriver = config.VirtioSCSI device, err = dm.NewDevice(deviceInfo) assert.Nil(t, err) err = device.Attach(context.Background(), devReceiver) @@ -214,7 +214,7 @@ func TestAttachBlockDevice(t *testing.T) { } func TestAttachDetachDevice(t *testing.T) { - dm := NewDeviceManager(VirtioSCSI, false, "", nil) + dm := NewDeviceManager(config.VirtioSCSI, false, "", nil) path := "/dev/hda" deviceInfo := config.DeviceInfo{ diff --git a/src/runtime/virtcontainers/documentation/api/1.0/api.md b/src/runtime/virtcontainers/documentation/api/1.0/api.md index a2e1a55ff1..6455e19d0b 100644 --- a/src/runtime/virtcontainers/documentation/api/1.0/api.md +++ b/src/runtime/virtcontainers/documentation/api/1.0/api.md @@ -547,7 +547,7 @@ type DeviceInfo struct { ID string // DriverOptions is specific options for each device driver - // for example, for BlockDevice, we can set DriverOptions["blockDriver"]="virtio-blk" + // for example, for BlockDevice, we can set DriverOptions["block-driver"]="virtio-blk" DriverOptions map[string]string } ``` @@ -835,7 +835,7 @@ type DeviceInfo struct { ID string // DriverOptions is specific options for each device driver - // for example, for BlockDevice, we can set DriverOptions["blockDriver"]="virtio-blk" + // for example, for BlockDevice, we can set DriverOptions["block-driver"]="virtio-blk" DriverOptions map[string]string } ``` diff --git a/src/runtime/virtcontainers/kata_agent_test.go b/src/runtime/virtcontainers/kata_agent_test.go index f494626c62..bcca754ba6 100644 --- a/src/runtime/virtcontainers/kata_agent_test.go +++ b/src/runtime/virtcontainers/kata_agent_test.go @@ -390,10 +390,10 @@ func TestHandleBlockVolume(t *testing.T) { mounts = append(mounts, vMount, bMount, dMount) tmpDir := "/vhost/user/dir" - dm := manager.NewDeviceManager(manager.VirtioBlock, true, tmpDir, devices) + dm := manager.NewDeviceManager(config.VirtioBlock, true, tmpDir, devices) sConfig := SandboxConfig{} - sConfig.HypervisorConfig.BlockDeviceDriver = manager.VirtioBlock + sConfig.HypervisorConfig.BlockDeviceDriver = config.VirtioBlock sandbox := Sandbox{ id: "100", containers: containers, diff --git a/src/runtime/virtcontainers/persist/api/device.go b/src/runtime/virtcontainers/persist/api/device.go index acb05fc674..dd61efbfcf 100644 --- a/src/runtime/virtcontainers/persist/api/device.go +++ b/src/runtime/virtcontainers/persist/api/device.go @@ -86,7 +86,7 @@ type VhostUserDeviceAttrs struct { // Refs: virtcontainers/device/drivers/generic.go:GenericDevice type DeviceState struct { // DriverOptions is specific options for each device driver - // for example, for BlockDevice, we can set DriverOptions["blockDriver"]="virtio-blk" + // for example, for BlockDevice, we can set DriverOptions["block-driver"]="virtio-blk" DriverOptions map[string]string // VhostUserDeviceAttrs is specific for vhost-user device driver diff --git a/src/runtime/virtcontainers/persist_test.go b/src/runtime/virtcontainers/persist_test.go index 228638a960..b6c096a5d9 100644 --- a/src/runtime/virtcontainers/persist_test.go +++ b/src/runtime/virtcontainers/persist_test.go @@ -10,11 +10,11 @@ import ( "os" "testing" - "github.com/stretchr/testify/assert" - + "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/manager" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" + "github.com/stretchr/testify/assert" ) func TestSandboxRestore(t *testing.T) { @@ -32,7 +32,7 @@ func TestSandboxRestore(t *testing.T) { sandbox := Sandbox{ id: "test-exp", containers: container, - devManager: manager.NewDeviceManager(manager.VirtioSCSI, false, "", nil), + devManager: manager.NewDeviceManager(config.VirtioSCSI, false, "", nil), hypervisor: &mockHypervisor{}, network: network, ctx: context.Background(), diff --git a/src/runtime/virtcontainers/sandbox_test.go b/src/runtime/virtcontainers/sandbox_test.go index 344551e3b9..b1556ec156 100644 --- a/src/runtime/virtcontainers/sandbox_test.go +++ b/src/runtime/virtcontainers/sandbox_test.go @@ -548,7 +548,7 @@ func TestSandboxAttachDevicesVFIO(t *testing.T) { config.SysIOMMUPath = savedIOMMUPath }() - dm := manager.NewDeviceManager(manager.VirtioSCSI, false, "", nil) + dm := manager.NewDeviceManager(config.VirtioSCSI, false, "", nil) path := filepath.Join(vfioPath, testFDIOGroup) deviceInfo := config.DeviceInfo{ HostPath: path, @@ -599,7 +599,7 @@ func TestSandboxAttachDevicesVhostUserBlk(t *testing.T) { tmpDir, err := os.MkdirTemp("", "") assert.Nil(t, err) os.RemoveAll(tmpDir) - dm := manager.NewDeviceManager(manager.VirtioSCSI, true, tmpDir, nil) + dm := manager.NewDeviceManager(config.VirtioSCSI, true, tmpDir, nil) vhostUserDevNodePath := filepath.Join(tmpDir, "/block/devices/") vhostUserSockPath := filepath.Join(tmpDir, "/block/sockets/") diff --git a/src/runtime/virtcontainers/utils/utils.go b/src/runtime/virtcontainers/utils/utils.go index f03a5aa259..88c29cec5a 100644 --- a/src/runtime/virtcontainers/utils/utils.go +++ b/src/runtime/virtcontainers/utils/utils.go @@ -321,6 +321,7 @@ func WaitLocalProcess(pid int, timeoutSecs uint, initialSignal syscall.Signal, l if initialSignal != syscall.Signal(0) { if err = syscall.Kill(pid, initialSignal); err != nil { if err == syscall.ESRCH { + logger.WithField("pid", pid).Warnf("kill encounters ESRCH, process already finished") return nil } diff --git a/tools/osbuilder/rootfs-builder/rootfs.sh b/tools/osbuilder/rootfs-builder/rootfs.sh index d9ca852dd8..b7b6798a5a 100755 --- a/tools/osbuilder/rootfs-builder/rootfs.sh +++ b/tools/osbuilder/rootfs-builder/rootfs.sh @@ -651,12 +651,12 @@ EOF container_registries_dir="${ROOTFS_DIR}/etc/containers/registries.d" mkdir -p ${container_registries_dir} - cat << EOT | tee ${container_registries_dir}/quay.io.yaml + cat << EOF | tee ${container_registries_dir}/quay.io.yaml docker: quay.io/kata-containers/confidential-containers: sigstore: file://${rootfs_quay_verification_directory}/signatures sigstore-staging: file://${rootfs_quay_verification_directory}/signatures -EOT +EOF fi if [ -n "${AA_KBC}" ]; then diff --git a/tools/packaging/qemu/patches/6.2.x/Revert-target-ppc-Move-SPR_DSISR-setting-to-powerpc_excp.patch b/tools/packaging/qemu/patches/6.2.x/Revert-target-ppc-Move-SPR_DSISR-setting-to-powerpc_excp.patch new file mode 100644 index 0000000000..caccdb49ad --- /dev/null +++ b/tools/packaging/qemu/patches/6.2.x/Revert-target-ppc-Move-SPR_DSISR-setting-to-powerpc_excp.patch @@ -0,0 +1,81 @@ +From 29c4a3363bf287bb9a7b0342b1bc2dba3661c96c Mon Sep 17 00:00:00 2001 +From: Fabiano Rosas +Date: Fri, 17 Dec 2021 17:57:18 +0100 +Subject: [PATCH] Revert "target/ppc: Move SPR_DSISR setting to powerpc_excp" +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This reverts commit 336e91f85332dda0ede4c1d15b87a19a0fb898a2. + +It breaks the --disable-tcg build: + + ../target/ppc/excp_helper.c:463:29: error: implicit declaration of + function ‘cpu_ldl_code’ [-Werror=implicit-function-declaration] + +We should not have TCG code in powerpc_excp because some kvm-only +routines use it indirectly to dispatch interrupts. See +kvm_handle_debug, spapr_mce_req_event and +spapr_do_system_reset_on_cpu. + +We can re-introduce the change once we have split the interrupt +injection code between KVM and TCG. + +Signed-off-by: Fabiano Rosas +Message-Id: <20211209173323.2166642-1-farosas@linux.ibm.com> +Signed-off-by: Cédric Le Goater +--- + target/ppc/excp_helper.c | 21 ++++++++++++--------- + 1 file changed, 12 insertions(+), 9 deletions(-) + +diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c +index feb3fd42e2..6ba0840e99 100644 +--- a/target/ppc/excp_helper.c ++++ b/target/ppc/excp_helper.c +@@ -464,15 +464,13 @@ static inline void powerpc_excp(PowerPCCPU *cpu, int excp_model, int excp) + break; + } + case POWERPC_EXCP_ALIGN: /* Alignment exception */ ++ /* Get rS/rD and rA from faulting opcode */ + /* +- * Get rS/rD and rA from faulting opcode. +- * Note: We will only invoke ALIGN for atomic operations, +- * so all instructions are X-form. ++ * Note: the opcode fields will not be set properly for a ++ * direct store load/store, but nobody cares as nobody ++ * actually uses direct store segments. + */ +- { +- uint32_t insn = cpu_ldl_code(env, env->nip); +- env->spr[SPR_DSISR] |= (insn & 0x03FF0000) >> 16; +- } ++ env->spr[SPR_DSISR] |= (env->error_code & 0x03FF0000) >> 16; + break; + case POWERPC_EXCP_PROGRAM: /* Program exception */ + switch (env->error_code & ~0xF) { +@@ -1441,6 +1439,11 @@ void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, + int mmu_idx, uintptr_t retaddr) + { + CPUPPCState *env = cs->env_ptr; ++ uint32_t insn; ++ ++ /* Restore state and reload the insn we executed, for filling in DSISR. */ ++ cpu_restore_state(cs, retaddr, true); ++ insn = cpu_ldl_code(env, env->nip); + + switch (env->mmu_model) { + case POWERPC_MMU_SOFT_4xx: +@@ -1456,8 +1459,8 @@ void ppc_cpu_do_unaligned_access(CPUState *cs, vaddr vaddr, + } + + cs->exception_index = POWERPC_EXCP_ALIGN; +- env->error_code = 0; +- cpu_loop_exit_restore(cs, retaddr); ++ env->error_code = insn & 0x03FF0000; ++ cpu_loop_exit(cs); + } + #endif /* CONFIG_TCG */ + #endif /* !CONFIG_USER_ONLY */ +-- +GitLab + diff --git a/tools/packaging/qemu/patches/tag_patches/v6.2.0/no_patches.txt b/tools/packaging/qemu/patches/tag_patches/v6.2.0/no_patches.txt new file mode 100644 index 0000000000..e69de29bb2 diff --git a/tools/packaging/scripts/configure-hypervisor.sh b/tools/packaging/scripts/configure-hypervisor.sh index 1d3689927e..1e3e2f6088 100755 --- a/tools/packaging/scripts/configure-hypervisor.sh +++ b/tools/packaging/scripts/configure-hypervisor.sh @@ -250,7 +250,6 @@ generate_qemu_options() { qemu_options+=(size:--disable-auth-pam) # Disable unused filesystem support - [ "$arch" == x86_64 ] && qemu_options+=(size:--disable-fdt) qemu_options+=(size:--disable-glusterfs) qemu_options+=(size:--disable-libiscsi) qemu_options+=(size:--disable-libnfs) @@ -303,7 +302,6 @@ generate_qemu_options() { ;; esac qemu_options+=(size:--disable-qom-cast-debug) - qemu_options+=(size:--disable-tcmalloc) # Disable libudev since it is only needed for qemu-pr-helper and USB, # none of which are used with Kata diff --git a/versions.yaml b/versions.yaml index 8d79f61123..69540d54fb 100644 --- a/versions.yaml +++ b/versions.yaml @@ -88,8 +88,8 @@ assets: qemu: description: "VMM that uses KVM" url: "https://github.com/qemu/qemu" - version: "v6.1.0" - tag: "v6.1.0" + version: "v6.2.0" + tag: "v6.2.0" # Do not include any non-full release versions # Break the line *without CR or space being appended*, to appease # yamllint, and note the deliberate ' ' at the end of the expression.