b4768cfc61
The vfio-ioctls 0.6.0 crate changed the vfio_dma_map signature: the host address parameter is now a raw pointer (*mut u8) instead of u64, and the size parameter is usize instead of u64. Since the kernel uses the host address to set up DMA mappings to physical memory — and the caller must guarantee the memory behind that pointer remains valid for the lifetime of the mapping — upstream marked vfio_dma_map as unsafe fn. Wrap vfio_dma_map calls in unsafe blocks and adjust the type casts accordingly. vfio_dma_unmap only needed the usize cast for the size parameter (it does not take a host address, so it remains safe). Bump workspace dependencies: - vfio-bindings 0.6.1 -> 0.6.2 - vfio-ioctls 0.5.0 -> 0.6.0 Signed-off-by: Alex Lyn <alex.lyn@antgroup.com> Signed-off-by: Fabiano Fidêncio <ffidencio@nvidia.com>
Introduction
Dragonball Sandbox is a light-weight virtual machine manager (VMM) based on Linux Kernel-based Virtual Machine (KVM),
which is optimized for container workloads with:
- container image management and acceleration service
- flexible and high-performance virtual device drivers
- low CPU and memory overhead
- minimal startup time
- optimized concurrent startup speed
Dragonball Sandbox aims to provide a simple solution for the Kata Containers community. It is integrated into Kata 3.0
runtime as a built-in VMM and gives users an out-of-the-box Kata Containers experience without complex environment setup
and configuration process.
Getting Started
Documentation
- Device: Device Document
- vCPU: vCPU Document
- API: API Document
Upcall:UpcallDocumentdbs_acpi:dbs_acpiDocumentdbs_address_space:dbs_address_spaceDocumentdbs_allocator:dbs_allocatorDocumentdbs_arch:dbs_archDocumentdbs_boot:dbs_bootDocumentdbs_device:dbs_deviceDocumentdbs_interrupt:dbs_interrputDocumentdbs_legacy_devices:dbs_legacy_devicesDocumentdbs_tdx:dbs_tdxDocumentdbs_upcall:dbs_upcallDocumentdbs_utils:dbs_utilsDocumentdbs_virtio_devices:dbs_virtio_devicesDocumentdbs_pci:dbc_pciDocument
Currently, the documents are still actively adding. You could see the official documentation page for more details.
Supported Architectures
- x86-64
- aarch64
Supported Kernel
Acknowledgement
Part of the code is based on the Cloud Hypervisor project, crosvm project and Firecracker project. They are all rust written virtual machine managers with advantages on safety and security.
Dragonball sandbox is designed to be a VMM that is customized for Kata Containers and we will focus on optimizing container workloads for Kata ecosystem. The focus on the Kata community is what differentiates us from other rust written virtual machines.
License
Dragonball is licensed under Apache License, Version 2.0.