mirror of
https://github.com/kata-containers/kata-containers.git
synced 2026-05-17 04:52:23 +00:00
fd39117a21
From Linux 6.14, creating a TDX VM requires that split irqchip is enabled. Under this circumstance, device IOAPIC would be managed in userspace, instead of KVM, so a manager is needed to handle MMIO read/write to emulated IOAPIC registers. Also, with split irqchip, irqfd is no longer able to trigger an interrupt after device IO is completed. Instead, KVM_SIGNAL_MSI is used for interrupt triggering. Note that only legacy irq with edge-triggered interrupt is implemented here. And split irqchip feature is only enabled when confidential VM type is set to TDX. Signed-off-by: Xiaofan Xxf <xiaofan.xxf@antgroup.com>
92 lines
2.8 KiB
TOML
92 lines
2.8 KiB
TOML
[package]
|
|
name = "dragonball"
|
|
version = "0.1.0"
|
|
authors = ["The Kata Containers community <kata-dev@lists.katacontainers.io>"]
|
|
description = "A secure sandbox for Kata Containers"
|
|
keywords = ["kata-containers", "sandbox", "vmm", "dragonball"]
|
|
homepage = "https://katacontainers.io/"
|
|
repository = "https://github.com/kata-containers/kata-containers.git"
|
|
license = "Apache-2.0"
|
|
edition = "2018"
|
|
|
|
[dependencies]
|
|
anyhow = "1.0.32"
|
|
arc-swap = "1.5.0"
|
|
bytes = "1.1.0"
|
|
dbs-address-space = { workspace = true }
|
|
dbs-allocator = { workspace = true }
|
|
dbs-arch = { workspace = true }
|
|
dbs-boot = { workspace = true }
|
|
dbs-device = { workspace = true }
|
|
dbs-interrupt = { workspace = true, features = ["kvm-irq", "split-irq"] }
|
|
dbs-legacy-devices = { workspace = true }
|
|
dbs-upcall = { workspace = true, optional = true }
|
|
dbs-utils = { workspace = true }
|
|
dbs-virtio-devices = { workspace = true, optional = true, features = [
|
|
"virtio-mmio",
|
|
] }
|
|
dbs-pci = { workspace = true, optional = true }
|
|
derivative = "2.2.0"
|
|
kvm-bindings = { workspace = true }
|
|
kvm-ioctls = { workspace = true }
|
|
lazy_static = "1.2"
|
|
libc = "0.2.39"
|
|
linux-loader = { workspace = true }
|
|
log = "0.4.14"
|
|
nix = "0.24.2"
|
|
procfs = "0.12.0"
|
|
prometheus = { version = "0.14.0", features = ["process"] }
|
|
seccompiler = { workspace = true }
|
|
serde = "1.0.27"
|
|
serde_derive = "1.0.27"
|
|
serde_json = "1.0.9"
|
|
slog = "2.5.2"
|
|
slog-scope = "4.4.0"
|
|
thiserror = "1"
|
|
tracing = "0.1.41"
|
|
vmm-sys-util = { workspace = true }
|
|
virtio-queue = { workspace = true, optional = true }
|
|
vm-memory = { workspace = true, features = ["backend-mmap"] }
|
|
crossbeam-channel = "0.5.6"
|
|
vfio-bindings = { workspace = true, optional = true }
|
|
vfio-ioctls = { workspace = true, optional = true }
|
|
kata-sys-util = { path = "../libs/kata-sys-util" }
|
|
|
|
[dev-dependencies]
|
|
slog-async = "2.7.0"
|
|
slog-term = "2.9.0"
|
|
test-utils = { workspace = true }
|
|
|
|
[features]
|
|
acpi = []
|
|
atomic-guest-memory = ["vm-memory/backend-atomic"]
|
|
hotplug = ["virtio-vsock"]
|
|
virtio-vsock = ["dbs-virtio-devices/virtio-vsock", "virtio-queue"]
|
|
virtio-blk = ["dbs-virtio-devices/virtio-blk", "virtio-queue"]
|
|
virtio-net = ["dbs-virtio-devices/virtio-net", "virtio-queue"]
|
|
# virtio-fs only work on atomic-guest-memory
|
|
virtio-fs = [
|
|
"dbs-virtio-devices/virtio-fs-pro",
|
|
"virtio-queue",
|
|
"atomic-guest-memory",
|
|
]
|
|
virtio-mem = [
|
|
"dbs-virtio-devices/virtio-mem",
|
|
"virtio-queue",
|
|
"atomic-guest-memory",
|
|
]
|
|
virtio-balloon = ["dbs-virtio-devices/virtio-balloon", "virtio-queue"]
|
|
vhost-net = ["dbs-virtio-devices/vhost-net"]
|
|
vhost-user-fs = ["dbs-virtio-devices/vhost-user-fs"]
|
|
vhost-user-net = ["dbs-virtio-devices/vhost-user-net"]
|
|
vhost-user-blk = ["dbs-virtio-devices/vhost-user-blk"]
|
|
host-device = ["dep:vfio-bindings", "dep:vfio-ioctls", "dep:dbs-pci"]
|
|
|
|
[lints.rust]
|
|
unexpected_cfgs = { level = "warn", check-cfg = [
|
|
'cfg(feature, values("test-mock"))',
|
|
] }
|
|
|
|
[package.metadata.cargo-machete]
|
|
ignored = ["vfio-bindings"]
|