[ port from runtime commit 18662e16687453185ff4cf99b495a34e3ea9935f ]
It's up to the user enable/disable pmu. After previous commit, the default
pmu option has been set to off.
This patch removes the hard limitation and unit test codes.
Signed-off-by: Jia He <justin.he@arm.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit 41a06d4961f51af4ec4799aaee202c744584f31e ]
The user sometimes doesn't care about pmu usage(e.g. perf tool profiling).
But pmu will cost significant overhead on boot time and virtualization
context switch. E.g. on arm64, if guest pmu is enabled, kvm should save
and restore all PMU registers when guest/host switching.
for dmesg comparision:
Before:
[ 0.007620] bus: 'platform': driver_probe_device: matched device pmu with driver armv8-pmu
[ 0.007622] bus: 'platform': really_probe: probing driver armv8-pmu with device pmu
[ 0.036282] hw perfevents: enabled with armv8_pmuv3 PMU driver, 7 counters available
[ 0.036285] driver: 'armv8-pmu': driver_bound: bound to device 'pmu'
[ 0.036295] bus: 'platform': really_probe: bound device pmu to driver armv8-pmu
After:
[ 0.007935] bus: 'platform': driver_probe_device: matched device alarmtimer with driver alarmtimer
[ 0.007937] bus: 'platform': really_probe: probing driver alarmtimer with device alarmtimer
[ 0.007940] driver: 'alarmtimer': driver_bound: bound to device 'alarmtimer'
[ 0.007944] bus: 'platform': really_probe: bound device alarmtimer to driver alarmtimer
Because s390 doest support "pmu=off", keep the default CPUFEATURES to be ""
instead of "pmu=off".
Signed-off-by: Jia He <justin.he@arm.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit f03c17d107999fd68da87d98ab3e242ac7843051 ]
So that users can use annotations to set it.
Signed-off-by: Jia He <justin.he@arm.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit 0100af18a2afdd6dfcc95129ec6237ba4915b3e5 ]
To control whether guest can enable/disable some CPU features. E.g. pmu=off,
vmx=off. As discussed in the thread [1], the best approach is to let users
specify them. How about adding a new option in the configuration file.
Currently this patch only supports this option in qemu,no other vmm.
[1] https://github.com/kata-containers/runtime/pull/2559#issuecomment-603998256
Signed-off-by: Jia He <justin.he@arm.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit 67d3e2c5c5d11738c0c0ff46b1228909a6c81ab0 ]
Some network plugins add static arp entries in the network namespace.
Scan namespace for static entries and pass these on to the
agent to be added within the guest.
If the grpc api is not implemented by the agent due to a older running
agent, check for this and do not error out to maintain
backward compatibility.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit 6c517548429da06d33172c8e135dc9b9a297175d ]
The systemd debug and kernel init call debug flags make slow the boot.
The flags are not really related with the hypervisor and
can be added if needed using extra kernel command line options.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit 160e3a7c98043a52032b15cc8f6e32a91b032258 ]
Cloud hypervisor logs console via stdout. Using console logs help
to get not only agent logs but early boot kernel logs.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit e1ee00d16ed621594a92ce0456eb048362962ff0 ]
Use systemd-cat to collect hypervisor output. The `systemd-cat` program
will open a journal fd and call `cat(1)` to redirect all the output to
the fd. This requires an extra binary to read from hypervisor stdout
(that has combined stdin, stderr and serial terminal). But because it is
cat the overhead is minimal and only is started on Kata debug mode.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit 5e5527204c03036f1d1a6b3122c1e0c3e1d1ba94 ]
The block device driver defaults to 'virtio-scsi' when it is not set in
the hypervisor configuration file, while cloud-hypervisor supports only
'virtio-blk' for its block devices.
Signed-off-by: Bo Chen <chen.bo@intel.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit c5f97b24d7a1eaac216f144b2c5429feb3451553 ]
With this patch, the container image can be shared from host with guest
as a block device when the 'devicemapper' is used as the storage driver
for docker. Note: The 'block_device_driver="virtio-blk"' entry is
required in the hypervisor config file to work properly.
Signed-off-by: Bo Chen <chen.bo@intel.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
It should iter the shells to find the existing shell
command instead of return an error directly when it
meet an absent shell command.
Fixes: #354
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
[ port from runtime commit 7b269ff7aa2d62fe12593ff7040798e6c9bd5d65 ]
If we take one of the error paths from setupVirtiofsd() after
opening the fd variable, the fd.Close() function is not called.
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit 882a82393305a4b11a77744b5fc77b98e42d15b9 ]
Send virtiofsd logs to syslog in the same way that qemu implementation
does. This requires not to wait for messages from virtiofsd stdout. This
takes the qemu implementation approach. Give the socket fd to virtiofsd.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit 86f581068eb9dc4b6862c7415cdc912e111177dd ]
This exits out of polling for OOM events if the getOOMEvent
method is unimplemented.
Signed-off-by: Alex Price <aprice@atlassian.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit b4833a48c81132e5a6b1c25a764cd0ebbdc6afff ]
fix tests and nit
Signed-off-by: Alex Price <aprice@atlassian.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit 6aff077901021d9a0075c446dfe281b2487e1487 ]
With the addition of support to govmm for multiple transports (intel/govmm#111)
and microvm (intel/govmm#121) we can now enable support for the 'microvm'
machine type in kata-runtime.
Signed-off-by: Liam Merwick <liam.merwick@oracle.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit 86686b56a2bf7f6dd62f620278ae289564da51d0 ]
This adds support for the getOOMEvent agent endpoint to retrieve OOM
events from the agent.
Signed-off-by: Alex Price <aprice@atlassian.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit 86686b56a2bf7f6dd62f620278ae289564da51d0 ]
This adds support for the getOOMEvent agent endpoint to retrieve OOM
events from the agent.
Signed-off-by: Alex Price <aprice@atlassian.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit ee985a608015d81772901c1d9999190495fc9a0a ]
After removing dectect of host gic version, we need to limit the max vCPU
in different cases.
Given that in most cases, Kata is running on gicv3 host, set it as default
value. If the user really want to run Kata on gicv2 host, he/she need to
set default_maxvcpus in toml file to 8 instead of 0.
In summary, If the user uses host gicv3 gicv4, everything is fine
If the user uses host gicv2, set default_maxvcpus=8
Signed-off-by: Jia He <justin.he@arm.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime commit c4b5922df2 ]
Most of the description fields have capitalized text,
some of those that don't are then converted on this
change.
Fixed spelling of 'required'.
Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime repository commit 4d4a153af5cb145215cb6e6e386eac2bcb8c3e32 ]
Commit b4385901da ("qemu/arm64: Detect host GIC version to configure guest
GIC") reads /proc/interrupts to detect the host gic version.
But on a ThunderX2 host with 224 cpus, the /proc/interrupts is ~762K bytes.
Hence it will costs ~900K bytes memory overhead.
From the go tool pprof results:
flat flat% sum% cum cum%
976.89kB 100% 100% 976.89kB 100% github.com/kata-containers/runtime/virtcontainers.getHostGICVersion
Although the allocated memory will be freed, seems it worthy removing that
for speed up the runtime.
As per [1], there is no perfect way to detect the gic version on host.
At qemu side, if we use "gic-version=host", qemu will automatically detect
the verion by kvm ioctl. So we'd better let qemu determine the gic version.
If the user really want to start vm with gic-verion=2, he/she can set it
in machine_accelerators option.
[1]https://lists.cs.columbia.edu/pipermail/kvmarm/2014-October/011690.html
Signed-off-by: Jia He <justin.he@arm.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime repository commit e36389e25e ]
After backporting patch series of enabling memory hot remove on aarch64
to v5.4.x, we finally could enable nvdimm/dax on aarch64.
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
[ port from runtime repository commit 7e47046111 ]
If major version matches max supported major, we continue comparing the minor version.
Signed-off-by: Ted Yu <yuzhihong@gmail.com>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Removing code that existed as a workaround for a bug in
how shared process namespaces were handled in the agent.
That has been long fixed in the agent.
With this, sharedPidNs will now work with shimv2.
Fixes#337
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
Define a set of functions that support the standard rules (build,
install, test, *etc*). Then simply add new components and tools to the
appropriate variable to support all the standard build semantics.
Fixes#331.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Changed the name of the rule that runs the tests to "test" for
consistency, but retained `check` for backwards compatibility
for now.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
