This immediately revealed an escape analysis violation (!), where
the sync.Map was being used in a context where escapes were not
allowed. This is a relatively minor fix and is included.
PiperOrigin-RevId: 328611237
I disabled DAIF(DEBUG, sError, IRQ, FIQ) in guest kernel mode,
and enabled them in guest user mode.
So, I can make sure all DAIF-s come from guest user mode,
and then the case 'TestBounceStress' can pass on Arm64.
Test steps:
1. cd pkg/sentry/platform/kvm
2. bazel test kvm_test --strip=never --test_output=streamed
Signed-off-by: Bin Lu <bin.lu@arm.com>
We need to correctly distinguish instruction_abort/data_abort for
mem_abort@Arm64.
So, EC/WNR/FSC in esr_el1 should be checked.
Signed-off-by: Bin Lu <bin.lu@arm.com>
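
The EC/WNR/FSC check named in the commit message above, shown as an added example that is not code from the gVisor change. The bit positions follow the Arm architecture's ESR_ELx layout; the identifiers (`DecodeMemAbort`, `Abort`, the constants) are this example's own, and the sample ESR values are constructed.

```go
package main

import "fmt"

// ESR_EL1 layout per the Arm architecture; names are assumed, not gVisor's.
const (
	ecShift   = 26     // EC is ESR[31:26]
	ecIABTLow = 0x20   // instruction abort from a lower EL (EL0)
	ecIABTCur = 0x21   // instruction abort from the current EL
	ecDABTLow = 0x24   // data abort from a lower EL (EL0)
	ecDABTCur = 0x25   // data abort from the current EL
	wnrBit    = 1 << 6 // WnR: 1 = write; only meaningful for data aborts
	fscType   = 0x3c   // FSC is ESR[5:0]; the low two bits are the level
)

type Abort struct {
	Exec, Write, User bool
	Fault             string
}

// DecodeMemAbort returns ok=false when ESR does not describe a memory abort.
func DecodeMemAbort(esr uint64) (a Abort, ok bool) {
	switch ec := (esr >> ecShift) & 0x3f; ec {
	case ecIABTLow, ecIABTCur:
		a.Exec, a.User = true, ec == ecIABTLow
	case ecDABTLow, ecDABTCur:
		a.Write, a.User = esr&wnrBit != 0, ec == ecDABTLow
	default:
		return a, false
	}
	a.Fault = "other"
	switch esr & fscType {
	case 0x04:
		a.Fault = "translation"
	case 0x08:
		a.Fault = "access-flag"
	case 0x0c:
		a.Fault = "permission"
	}
	return a, true
}

func main() {
	// Constructed samples: EL0 write permission fault, EL0 fetch fault, SVC.
	for _, esr := range []uint64{0x9200004f, 0x82000007, 0x56000000} {
		a, ok := DecodeMemAbort(esr)
		fmt.Printf("%#x ok=%v %+v\n", esr, ok, a)
	}
}
```

Reading WnR only under a data-abort EC matters because an instruction abort carries no write bit, so a fetch fault must never be reported as a write.
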
Split the kvm ut test cases to pass unit-tests on Arm64.
I will add the tls and full-context test cases for Arm64 later.
Signed-off-by: Bin Lu <bin.lu@arm.com>
At present, when doing syscall_kvm test, we need to
enable the function of ESR_ELx_SYS64_ISS_SYS_CTR_READ to
successfully pass the test.
I set SCTLR_EL1.UCT==1, so that the related cases can pass.
Signed-off-by: Bin Lu <bin.lu@arm.com>
There are 3 types of asynchronous exceptions on Arm64: sError, IRQ, FIQ.
In this case, we use the sError injection method in bluepillHandler to force the guest to quit.
So that the test case of "TestBounce" can be passed on Arm64.
Signed-off-by: Bin Lu <bin.lu@arm.com>
This analysis also catches a potential bug, which is a split on mapPhysical.
This would have led to potential guest-exit during Mapping (although this
would have been handled by the now-unnecessary retryInGuest loop).
PiperOrigin-RevId: 315025106
None of the dependencies have changed in 1.15. It may be possible to simplify
some of the wrappers in rawfile following 1.13, but that can come in a later
change.
PiperOrigin-RevId: 313863264
On amd64, it uses 'HLT' to leave the guest.
Unlike amd64, arm64 can only use mmio_exit/psci to leave the guest.
So, I designed the HYPERCALL_VMEXIT to be compatible with amd64/arm64.
To keep it simple, I used the address of exception table as the
MMIO base address, so that I can trigger an MMIO-EXIT by forcibly writing this space.
Then, in host user space, I can calculate this address to find out
which hypercall.
Signed-off-by: Bin Lu <bin.lu@arm.com>
It's a workaround to treat PROT_NONE as RDONLY temporarily.
TODO(gvisor.dev/issue/2686): PROT_NONE should be specially treated.
Signed-off-by: Bin Lu <bin.lu@arm.com>
In the case of other signals (preemption), inject a normal bounce and
defer the signal until the vCPU has been returned from guest mode.
PiperOrigin-RevId: 303799678
Consistent with QEMU, getUserRegisters() should be an arch-specific
function. So, it should be called in dieArchSetup().
With this patch and the pagetable/pcid patch, the kvm modules on Arm64 can be
built successfully.
Signed-off-by: Bin Lu <bin.lu@arm.com>
Add fpsimd support to KVM module so that the test case "TestKernelFloatingPoint"
can be passed on Arm64 platform.
Signed-off-by: Bin Lu <bin.lu@arm.com>
Because the abi will depend on the core types for marshalling (usermem,
context, safemem, safecopy), these need to be flattened from the sentry
directory. These packages contain no sentry-specific details.
PiperOrigin-RevId: 291811289
The kernel may return EINTR from:

  kvm_create_vm
    kvm_init_mmu_notifier
      mmu_notifier_register
        do_mmu_notifier_register
          mm_take_all_locks

Go 1.14's preemptive scheduling signals make hitting this much more likely.
PiperOrigin-RevId: 291212669
* Rename syncutil to sync.
* Add aliases to sync types.
* Replace existing usage of standard library sync package.
This will make it easier to swap out synchronization primitives. For example,
this will allow us to use primitives from github.com/sasha-s/go-deadlock to
check for lock ordering violations.
Updates #1472
PiperOrigin-RevId: 289033387
When PCID is disabled, a panic would be thrown
when dropPageTables() accesses c.PCID without a check.
Signed-off-by: Lai Jiangshan <eag0628@gmail.com>