Merge pull request #3460 from devimc/2021-01-17/vendorGovmm

vendor: update govmm

docs/how-to/how-to-set-sandbox-config-kata.md

@@ -56,7 +56,6 @@ There are several kinds of Kata configurations and they are listed below.
 | `io.katacontainers.config.hypervisor.enable_iommu` | `boolean` | enable `iommu` on Q35 (QEMU x86_64) |
 | `io.katacontainers.config.hypervisor.enable_iothreads` | `boolean`| enable IO to be processed in a separate thread. Supported currently for virtio-`scsi` driver |
 | `io.katacontainers.config.hypervisor.enable_mem_prealloc` | `boolean` | the memory space used for `nvdimm` device by the hypervisor |
-| `io.katacontainers.config.hypervisor.enable_swap` | `boolean` | enable swap of VM memory |
 | `io.katacontainers.config.hypervisor.enable_vhost_user_store` | `boolean` | enable vhost-user storage device (QEMU) |
 | `io.katacontainers.config.hypervisor.enable_virtio_mem` | `boolean` | enable virtio-mem (QEMU) |
 | `io.katacontainers.config.hypervisor.entropy_source` (R) | string| the path to a host source of entropy (`/dev/random`, `/dev/urandom` or real hardware RNG device) |

src/runtime/Makefile

@@ -361,7 +361,6 @@ USER_VARS += CONFIG_PATH
 USER_VARS += CONFIG_QEMU_IN
 USER_VARS += DESTDIR
 USER_VARS += DEFAULT_HYPERVISOR
-USER_VARS += DEFENABLEMSWAP
 USER_VARS += ACRNCMD
 USER_VARS += ACRNCTLCMD
 USER_VARS += ACRNPATH

src/runtime/config/configuration-fc.toml.in

@@ -153,10 +153,6 @@ block_device_driver = "@DEFBLOCKSTORAGEDRIVER_FC@"
 # command line: intel_iommu=on,iommu=pt
 #enable_iommu = true
 
-# Enable swap of vm memory. Default false.
-# The behaviour is undefined if mem_prealloc is also set to true
-#enable_swap = true
-
 # This option changes the default hypervisor and kernel parameters
 # to enable debug output where available.
 #

src/runtime/config/configuration-qemu.toml.in

@@ -250,10 +250,6 @@ valid_vhost_user_store_paths = @DEFVALIDVHOSTUSERSTOREPATHS@
 # Your distribution recommends: @DEFVALIDFILEMEMBACKENDS@
 valid_file_mem_backends = @DEFVALIDFILEMEMBACKENDS@
 
-# Enable swap of vm memory. Default false.
-# The behaviour is undefined if mem_prealloc is also set to true
-#enable_swap = true
-
 # -pflash can add image file to VM. The arguments of it should be in format
 # of ["/path/to/flash0.img", "/path/to/flash1.img"]
 pflashes = []

src/runtime/go.mod

@@ -28,7 +28,7 @@ require (
 	github.com/gogo/protobuf v1.3.2
 	github.com/hashicorp/go-multierror v1.0.0
 	github.com/intel-go/cpuid v0.0.0-20210602155658-5747e5cec0d9
-	github.com/kata-containers/govmm v0.0.0-20210909155007-1b60b536f3c7
+	github.com/kata-containers/govmm v0.0.0-20220117131932-0781a21804ee
 	github.com/mdlayher/vsock v0.0.0-20191108225356-d9c65923cb8f
 	github.com/opencontainers/runc v1.0.3
 	github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417

src/runtime/go.sum

@@ -576,8 +576,8 @@ github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
 github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
-github.com/kata-containers/govmm v0.0.0-20210909155007-1b60b536f3c7 h1:lrtaReMyoviyn/Gtd9iAmQ9qNSTaS3QC1NgQ+h5fliI=
-github.com/kata-containers/govmm v0.0.0-20210909155007-1b60b536f3c7/go.mod h1:A6QaNB6N6PRQ9mTRpFtUxiF5T5CJpzLALjxBrUQPlFI=
+github.com/kata-containers/govmm v0.0.0-20220117131932-0781a21804ee h1:XofauxL6B1JEeDS+Ta/M1tM9Kutj/n72JSAvx10ubFA=
+github.com/kata-containers/govmm v0.0.0-20220117131932-0781a21804ee/go.mod h1:A6QaNB6N6PRQ9mTRpFtUxiF5T5CJpzLALjxBrUQPlFI=
 github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
 github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=

src/runtime/pkg/katautils/config-settings.go.in

@@ -71,7 +71,6 @@ const defaultEnableHugePages bool = false
 const defaultEnableIOMMU bool = false
 const defaultEnableIOMMUPlatform bool = false
 const defaultFileBackedMemRootDir string = ""
-const defaultEnableSwap bool = false
 const defaultEnableDebug bool = false
 const defaultDisableNestingChecks bool = false
 const defaultMsize9p uint32 = 8192

src/runtime/pkg/katautils/config.go

@@ -123,7 +123,6 @@ type hypervisor struct {
 	VirtioMem               bool     `toml:"enable_virtio_mem"`
 	IOMMU                   bool     `toml:"enable_iommu"`
 	IOMMUPlatform           bool     `toml:"enable_iommu_platform"`
-	Swap                    bool     `toml:"enable_swap"`
 	Debug                   bool     `toml:"enable_debug"`
 	DisableNestingChecks    bool     `toml:"disable_nesting_checks"`
 	EnableIOThreads         bool     `toml:"enable_iothreads"`
@@ -554,7 +553,6 @@ func newFirecrackerHypervisorConfig(h hypervisor) (vc.HypervisorConfig, error) {
 		DefaultBridges:        h.defaultBridges(),
 		DisableBlockDeviceUse: h.DisableBlockDeviceUse,
 		HugePages:             h.HugePages,
-		Mlock:                 !h.Swap,
 		Debug:                 h.Debug,
 		DisableNestingChecks:  h.DisableNestingChecks,
 		BlockDeviceDriver:     blockDriver,
@@ -672,7 +670,6 @@ func newQemuHypervisorConfig(h hypervisor) (vc.HypervisorConfig, error) {
 		IOMMUPlatform:           h.getIOMMUPlatform(),
 		FileBackedMemRootDir:    h.FileBackedMemRootDir,
 		FileBackedMemRootList:   h.FileBackedMemRootList,
-		Mlock:                   !h.Swap,
 		Debug:                   h.Debug,
 		DisableNestingChecks:    h.DisableNestingChecks,
 		BlockDeviceDriver:       blockDriver,
@@ -755,7 +752,6 @@ func newAcrnHypervisorConfig(h hypervisor) (vc.HypervisorConfig, error) {
 		EntropySourceList:     h.EntropySourceList,
 		DefaultBridges:        h.defaultBridges(),
 		HugePages:             h.HugePages,
-		Mlock:                 !h.Swap,
 		Debug:                 h.Debug,
 		DisableNestingChecks:  h.DisableNestingChecks,
 		BlockDeviceDriver:     blockDriver,
@@ -841,7 +837,6 @@ func newClhHypervisorConfig(h hypervisor) (vc.HypervisorConfig, error) {
 		HugePages:               h.HugePages,
 		FileBackedMemRootDir:    h.FileBackedMemRootDir,
 		FileBackedMemRootList:   h.FileBackedMemRootList,
-		Mlock:                   !h.Swap,
 		Debug:                   h.Debug,
 		DisableNestingChecks:    h.DisableNestingChecks,
 		BlockDeviceDriver:       blockDriver,
@@ -1022,7 +1017,6 @@ func GetDefaultHypervisorConfig() vc.HypervisorConfig {
 		IOMMU:                   defaultEnableIOMMU,
 		IOMMUPlatform:           defaultEnableIOMMUPlatform,
 		FileBackedMemRootDir:    defaultFileBackedMemRootDir,
-		Mlock:                   !defaultEnableSwap,
 		Debug:                   defaultEnableDebug,
 		DisableNestingChecks:    defaultDisableNestingChecks,
 		BlockDeviceDriver:       defaultBlockDeviceDriver,

src/runtime/pkg/katautils/config_test.go

@@ -155,7 +155,6 @@ func createAllRuntimeConfigFiles(dir, hypervisor string) (config testRuntimeConf
 		DisableBlockDeviceUse: disableBlockDevice,
 		BlockDeviceDriver:     defaultBlockDeviceDriver,
 		DefaultBridges:        defaultBridgesCount,
-		Mlock:                 !defaultEnableSwap,
 		EnableIOThreads:       enableIOThreads,
 		HotplugVFIOOnRootBus:  hotplugVFIOOnRootBus,
 		PCIeRootPort:          pcieRootPort,
@@ -563,7 +562,6 @@ func TestMinimalRuntimeConfig(t *testing.T) {
 		MemorySize:            defaultMemSize,
 		DisableBlockDeviceUse: defaultDisableBlockDeviceUse,
 		DefaultBridges:        defaultBridgesCount,
-		Mlock:                 !defaultEnableSwap,
 		BlockDeviceDriver:     defaultBlockDeviceDriver,
 		Msize9p:               defaultMsize9p,
 		GuestHookPath:         defaultGuestHookPath,

src/runtime/pkg/oci/utils.go

@@ -566,15 +566,6 @@ func addHypervisorMemoryOverrides(ocispec specs.Spec, sbConfig *vc.SandboxConfig
 		return err
 	}
 
-	if value, ok := ocispec.Annotations[vcAnnotations.EnableSwap]; ok {
-		enableSwap, err := strconv.ParseBool(value)
-		if err != nil {
-			return fmt.Errorf("Error parsing annotation for enable_swap: Please specify boolean value 'true|false'")
-		}
-
-		sbConfig.HypervisorConfig.Mlock = !enableSwap
-	}
-
 	if value, ok := ocispec.Annotations[vcAnnotations.FileBackedMemRootDir]; ok {
 		if !checkPathIsInGlobs(runtime.HypervisorConfig.FileBackedMemRootList, value) {
 			return fmt.Errorf("file_mem_backend value %v required from annotation is not valid", value)

src/runtime/pkg/oci/utils_test.go

@@ -650,7 +650,6 @@ func TestAddHypervisorAnnotations(t *testing.T) {
 	ocispec.Annotations[vcAnnotations.MemOffset] = "512"
 	ocispec.Annotations[vcAnnotations.VirtioMem] = "true"
 	ocispec.Annotations[vcAnnotations.MemPrealloc] = "true"
-	ocispec.Annotations[vcAnnotations.EnableSwap] = "true"
 	ocispec.Annotations[vcAnnotations.FileBackedMemRootDir] = "/dev/shm"
 	ocispec.Annotations[vcAnnotations.HugePages] = "true"
 	ocispec.Annotations[vcAnnotations.IOMMU] = "true"
@@ -687,7 +686,6 @@ func TestAddHypervisorAnnotations(t *testing.T) {
 	assert.Equal(config.HypervisorConfig.MemOffset, uint64(512))
 	assert.Equal(config.HypervisorConfig.VirtioMem, true)
 	assert.Equal(config.HypervisorConfig.MemPrealloc, true)
-	assert.Equal(config.HypervisorConfig.Mlock, false)
 	assert.Equal(config.HypervisorConfig.FileBackedMemRootDir, "/dev/shm")
 	assert.Equal(config.HypervisorConfig.HugePages, true)
 	assert.Equal(config.HypervisorConfig.IOMMU, true)

src/runtime/vendor/github.com/kata-containers/govmm/qemu/qemu.go

@@ -66,6 +66,9 @@ type Device interface {
 type DeviceDriver string
 
 const (
+	// LegacySerial is the legacy serial device driver
+	LegacySerial DeviceDriver = "serial"
+
 	// NVDIMM is the Non Volatile DIMM device driver.
 	NVDIMM DeviceDriver = "nvdimm"
 
@@ -231,6 +234,9 @@ const (
 	// MemoryBackendFile represents a guest memory mapped file.
 	MemoryBackendFile ObjectType = "memory-backend-file"
 
+	// MemoryBackendEPC represents a guest memory backend EPC for SGX.
+	MemoryBackendEPC ObjectType = "memory-backend-epc"
+
 	// TDXGuest represents a TDX object
 	TDXGuest ObjectType = "tdx-guest"
 
@@ -280,6 +286,9 @@ type Object struct {
 
 	// ReadOnly specifies whether `MemPath` is opened read-only or read/write (default)
 	ReadOnly bool
+
+	// Prealloc enables memory preallocation
+	Prealloc bool
 }
 
 // Valid returns true if the Object structure is valid and complete.
@@ -287,6 +296,8 @@ func (object Object) Valid() bool {
 	switch object.Type {
 	case MemoryBackendFile:
 		return object.ID != "" && object.MemPath != "" && object.Size != 0
+	case MemoryBackendEPC:
+		return object.ID != "" && object.Size != 0
 	case TDXGuest:
 		return object.ID != "" && object.File != "" && object.DeviceID != ""
 	case SEVGuest:
@@ -323,6 +334,14 @@ func (object Object) QemuParams(config *Config) []string {
 			objectParams = append(objectParams, "readonly=on")
 			deviceParams = append(deviceParams, "unarmed=on")
 		}
+	case MemoryBackendEPC:
+		objectParams = append(objectParams, string(object.Type))
+		objectParams = append(objectParams, fmt.Sprintf("id=%s", object.ID))
+		objectParams = append(objectParams, fmt.Sprintf("size=%d", object.Size))
+		if object.Prealloc {
+			objectParams = append(objectParams, "prealloc=on")
+		}
+
 	case TDXGuest:
 		objectParams = append(objectParams, string(object.Type))
 		objectParams = append(objectParams, fmt.Sprintf("id=%s", object.ID))
@@ -549,6 +568,9 @@ const (
 
 	// PTY creates a new pseudo-terminal on the host and connect to it.
 	PTY CharDeviceBackend = "pty"
+
+	// File sends traffic from the guest to a file on the host.
+	File CharDeviceBackend = "file"
 )
 
 // CharDevice represents a qemu character device.
@@ -637,8 +659,11 @@ func (cdev CharDevice) QemuParams(config *Config) []string {
 		cdevParams = append(cdevParams, fmt.Sprintf("path=%s", cdev.Path))
 	}
 
-	qemuParams = append(qemuParams, "-device")
-	qemuParams = append(qemuParams, strings.Join(deviceParams, ","))
+	// Legacy serial is special. It does not follow the device + driver model
+	if cdev.Driver != LegacySerial {
+		qemuParams = append(qemuParams, "-device")
+		qemuParams = append(qemuParams, strings.Join(deviceParams, ","))
+	}
 
 	qemuParams = append(qemuParams, "-chardev")
 	qemuParams = append(qemuParams, strings.Join(cdevParams, ","))
@@ -978,6 +1003,43 @@ func (netdev NetDevice) QemuParams(config *Config) []string {
 	return qemuParams
 }
 
+// LegacySerialDevice represents a qemu legacy serial device.
+type LegacySerialDevice struct {
+	// ID is the serial device identifier.
+	// This maps to the char dev associated with the device
+	// as serial does not have a notion of id
+	// e.g:
+	// -chardev stdio,id=char0,mux=on,logfile=serial.log,signal=off -serial chardev:char0
+	// -chardev file,id=char0,path=serial.log -serial chardev:char0
+	Chardev string
+}
+
+// Valid returns true if the LegacySerialDevice structure is valid and complete.
+func (dev LegacySerialDevice) Valid() bool {
+	return dev.Chardev != ""
+}
+
+// QemuParams returns the qemu parameters built out of this serial device.
+func (dev LegacySerialDevice) QemuParams(config *Config) []string {
+	var deviceParam string
+	var qemuParams []string
+
+	deviceParam = fmt.Sprintf("chardev:%s", dev.Chardev)
+
+	qemuParams = append(qemuParams, "-serial")
+	qemuParams = append(qemuParams, deviceParam)
+
+	return qemuParams
+}
+
+/* Not used currently
+// deviceName returns the QEMU device name for the current combination of
+// driver and transport.
+func (dev LegacySerialDevice) deviceName(config *Config) string {
+	return dev.Chardev
+}
+*/
+
 // SerialDevice represents a qemu serial device.
 type SerialDevice struct {
 	// Driver is the qemu device driver
@@ -1173,7 +1235,7 @@ func (blkdev BlockDevice) QemuParams(config *Config) []string {
 	blkParams = append(blkParams, fmt.Sprintf("if=%s", blkdev.Interface))
 
 	if blkdev.ReadOnly {
-		blkParams = append(blkParams, "readonly")
+		blkParams = append(blkParams, "readonly=on")
 	}
 
 	qemuParams = append(qemuParams, "-device")
@@ -2411,18 +2473,18 @@ type Knobs struct {
 	MemShared bool
 
 	// Mlock will control locking of memory
-	// Only active when Realtime is set to true
 	Mlock bool
 
 	// Stopped will not start guest CPU at startup
 	Stopped bool
 
-	// Realtime will enable realtime QEMU
-	Realtime bool
-
 	// Exit instead of rebooting
+	// Prevents QEMU from rebooting in the event of a Triple Fault.
 	NoReboot bool
 
+	// Don’t exit QEMU on guest shutdown, but instead only stop the emulation.
+	NoShutdown bool
+
 	// IOMMUPlatform will enable IOMMU for supported devices
 	IOMMUPlatform bool
 }
@@ -2795,30 +2857,19 @@ func (config *Config) appendKnobs() {
 		config.qemuParams = append(config.qemuParams, "--no-reboot")
 	}
 
+	if config.Knobs.NoShutdown {
+		config.qemuParams = append(config.qemuParams, "--no-shutdown")
+	}
+
 	if config.Knobs.Daemonize {
 		config.qemuParams = append(config.qemuParams, "-daemonize")
 	}
 
 	config.appendMemoryKnobs()
 
-	if config.Knobs.Realtime {
-		config.qemuParams = append(config.qemuParams, "-realtime")
-		// This path is redundant as the default behaviour is locked memory
-		// Realtime today does not control any other feature even though
-		// other features may be added in the future
-		// https://lists.gnu.org/archive/html/qemu-devel/2012-12/msg03330.html
-		if config.Knobs.Mlock {
-			config.qemuParams = append(config.qemuParams, "mlock=on")
-		} else {
-			config.qemuParams = append(config.qemuParams, "mlock=off")
-		}
-	} else {
-		// In order to turn mlock off we need the -realtime option as well
-		if !config.Knobs.Mlock {
-			//Enable realtime anyway just to get the right swapping behaviour
-			config.qemuParams = append(config.qemuParams, "-realtime")
-			config.qemuParams = append(config.qemuParams, "mlock=off")
-		}
+	if config.Knobs.Mlock {
+		config.qemuParams = append(config.qemuParams, "-overcommit")
+		config.qemuParams = append(config.qemuParams, "mem-lock=on")
 	}
 
 	if config.Knobs.Stopped {

src/runtime/vendor/github.com/kata-containers/govmm/qemu/qmp.go

@@ -761,7 +761,7 @@ func (q *QMP) ExecuteCont(ctx context.Context) error {
 // This function will block until the SHUTDOWN event is received.
 func (q *QMP) ExecuteSystemPowerdown(ctx context.Context) error {
 	filter := &qmpEventFilter{
-		eventName: "SHUTDOWN",
+		eventName: "POWERDOWN",
 	}
 	return q.executeCommand(ctx, "system_powerdown", nil, filter)
 }
@@ -1518,20 +1518,26 @@ func (q *QMP) ExecuteGetFD(ctx context.Context, fdname string, fd *os.File) erro
 // id is an identifier for the device, path specifies the local path of the unix socket,
 // wait is to block waiting for a client to connect, server specifies that the socket is a listening socket.
 func (q *QMP) ExecuteCharDevUnixSocketAdd(ctx context.Context, id, path string, wait, server bool) error {
+	data := map[string]interface{}{
+		"server": server,
+		"addr": map[string]interface{}{
+			"type": "unix",
+			"data": map[string]interface{}{
+				"path": path,
+			},
+		},
+	}
+
+	// wait is only valid for server mode
+	if server {
+		data["wait"] = wait
+	}
+
 	args := map[string]interface{}{
 		"id": id,
 		"backend": map[string]interface{}{
 			"type": "socket",
-			"data": map[string]interface{}{
-				"wait":   wait,
-				"server": server,
-				"addr": map[string]interface{}{
-					"type": "unix",
-					"data": map[string]interface{}{
-						"path": path,
-					},
-				},
-			},
+			"data": data,
 		},
 	}
 	return q.executeCommand(ctx, "chardev-add", args, nil)

src/runtime/vendor/modules.txt

@@ -206,7 +206,7 @@ github.com/hashicorp/go-multierror
 github.com/intel-go/cpuid
 # github.com/josharian/intern v1.0.0
 github.com/josharian/intern
-# github.com/kata-containers/govmm v0.0.0-20210909155007-1b60b536f3c7
+# github.com/kata-containers/govmm v0.0.0-20220117131932-0781a21804ee
 ## explicit
 github.com/kata-containers/govmm/qemu
 # github.com/mailru/easyjson v0.7.6

src/runtime/virtcontainers/documentation/api/1.0/api.md

@@ -277,14 +277,6 @@ type HypervisorConfig struct {
 	// IOMMUPlatform is used to indicate if IOMMU_PLATFORM is enabled for supported devices
 	IOMMUPlatform bool
 
-	// Realtime Used to enable/disable realtime
-	Realtime bool
-
-	// Mlock is used to control memory locking when Realtime is enabled
-	// Realtime=true and Mlock=false, allows for swapping out of VM memory
-	// enabling higher density
-	Mlock bool
-
 	// DisableNestingChecks is used to override customizations performed
 	// when running on top of another VMM.
 	DisableNestingChecks bool

src/runtime/virtcontainers/factory/factory_test.go

@@ -263,7 +263,6 @@ func TestFactoryGetVM(t *testing.T) {
 	assert.Nil(err)
 
 	// checkConfig fall back
-	vmConfig.HypervisorConfig.Mlock = true
 	vm, err = f.GetVM(ctx, vmConfig)
 	assert.Nil(err)
 

src/runtime/virtcontainers/hypervisor.go

@@ -469,14 +469,6 @@ type HypervisorConfig struct {
 	// IOMMUPlatform is used to indicate if IOMMU_PLATFORM is enabled for supported devices
 	IOMMUPlatform bool
 
-	// Realtime Used to enable/disable realtime
-	Realtime bool
-
-	// Mlock is used to control memory locking when Realtime is enabled
-	// Realtime=true and Mlock=false, allows for swapping out of VM memory
-	// enabling higher density
-	Mlock bool
-
 	// DisableNestingChecks is used to override customizations performed
 	// when running on top of another VMM.
 	DisableNestingChecks bool

src/runtime/virtcontainers/persist.go

@@ -239,8 +239,6 @@ func (s *Sandbox) dumpConfig(ss *persistapi.SandboxState) {
 		HugePages:               sconfig.HypervisorConfig.HugePages,
 		FileBackedMemRootDir:    sconfig.HypervisorConfig.FileBackedMemRootDir,
 		FileBackedMemRootList:   sconfig.HypervisorConfig.FileBackedMemRootList,
-		Realtime:                sconfig.HypervisorConfig.Realtime,
-		Mlock:                   sconfig.HypervisorConfig.Mlock,
 		DisableNestingChecks:    sconfig.HypervisorConfig.DisableNestingChecks,
 		DisableImageNvdimm:      sconfig.HypervisorConfig.DisableImageNvdimm,
 		HotplugVFIOOnRootBus:    sconfig.HypervisorConfig.HotplugVFIOOnRootBus,
@@ -508,8 +506,6 @@ func loadSandboxConfig(id string) (*SandboxConfig, error) {
 		HugePages:               hconf.HugePages,
 		FileBackedMemRootDir:    hconf.FileBackedMemRootDir,
 		FileBackedMemRootList:   hconf.FileBackedMemRootList,
-		Realtime:                hconf.Realtime,
-		Mlock:                   hconf.Mlock,
 		DisableNestingChecks:    hconf.DisableNestingChecks,
 		DisableImageNvdimm:      hconf.DisableImageNvdimm,
 		HotplugVFIOOnRootBus:    hconf.HotplugVFIOOnRootBus,

src/runtime/virtcontainers/persist/api/config.go

@@ -184,14 +184,6 @@ type HypervisorConfig struct {
 	// VirtioMem is used to enable/disable virtio-mem
 	VirtioMem bool
 
-	// Realtime Used to enable/disable realtime
-	Realtime bool
-
-	// Mlock is used to control memory locking when Realtime is enabled
-	// Realtime=true and Mlock=false, allows for swapping out of VM memory
-	// enabling higher density
-	Mlock bool
-
 	// DisableNestingChecks is used to override customizations performed
 	// when running on top of another VMM.
 	DisableNestingChecks bool

src/runtime/virtcontainers/pkg/annotations/annotations.go

@@ -152,10 +152,6 @@ const (
 	// MemPrealloc is a sandbox annotation that specifies the memory space used for nvdimm device by the hypervisor.
 	MemPrealloc = kataAnnotHypervisorPrefix + "enable_mem_prealloc"
 
-	// EnableSwap is a sandbox annotation to enable swap of vm memory.
-	// The behaviour is undefined if mem_prealloc is also set to true
-	EnableSwap = kataAnnotHypervisorPrefix + "enable_swap"
-
 	// HugePages is a sandbox annotation to specify if the memory should be pre-allocated from huge pages
 	HugePages = kataAnnotHypervisorPrefix + "enable_hugepages"
 

src/runtime/virtcontainers/qemu.go

@@ -500,8 +500,6 @@ func (q *qemu) CreateVM(ctx context.Context, id string, networkNS NetworkNamespa
 		Daemonize:     true,
 		MemPrealloc:   q.config.MemPrealloc,
 		HugePages:     q.config.HugePages,
-		Realtime:      q.config.Realtime,
-		Mlock:         q.config.Mlock,
 		IOMMUPlatform: q.config.IOMMUPlatform,
 	}