summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/platform
AgeCommit message (Collapse)Author
2020-06-16support sError injection in kvm module on Arm64Bin Lu
There are 3 types of asynchronous exceptions on Arm64: sError, IRQ, FIQ. In this case, we use the sError injection method in bluepillHandler to force the guest to quit. So that the test case of "TestBounce" can be passed on Arm64. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-06-10Merge pull request #2711 from lubinszARM:pr_mmiogVisor bot
PiperOrigin-RevId: 315812219
2020-06-09minor change in kvm module for Arm64Bin Lu
Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-06-05Add +checkescape annotations to kvm/ring0.Adin Scannell
This analysis also catches a potential bug, which is a split on mapPhysical. This would have led to potential guest-exit during Mapping (although this would have been handled by the now-unecessary retryInGuest loop). PiperOrigin-RevId: 315025106
2020-06-01Merge pull request #2689 from lubinszARM:pr_prot_nonegVisor bot
PiperOrigin-RevId: 314186752
2020-05-29Update Go version build tagsMichael Pratt
None of the dependencies have changed in 1.15. It may be possible to simplify some of the wrappers in rawfile following 1.13, but that can come in a later change. PiperOrigin-RevId: 313863264
2020-05-17adding the VM-Exit method for Arm64Bin Lu
On amd64, it uses 'HLT' to leave the guest. Unlike amd64, arm64 can only uses mmio_exit/psci to leave the guest. So, I designed the HYPERCALL_VMEXIT to be compatible with amd64/arm64. To keep it simple, I used the address of exception table as the MMIO base address, so that I can trigger a MMIO-EXIT by forcibly writing this space. Then, in host user space, I can calculate this address to find out which hypercall. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-05-13PROT_NONE should be specially treated in the step of mapPhysicalBin Lu
It's a workaround to treat PROT_NONE as RDONLY temporarily. TODO(gvisor.dev/issue/2686): PROT_NONE should be specially treated. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-05-13adding the methods to get/set TLS for Arm64 kvm platformBin Lu
Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-04-25Enable automated marshalling for signals and the arch package.Rahat Mahmood
PiperOrigin-RevId: 308472331
2020-04-24Merge pull request #1707 from lubinszARM:pr_lazy_fpsimd_2gVisor bot
PiperOrigin-RevId: 308347744
2020-04-22Specify a memory file in platform.New().Andrei Vagin
PiperOrigin-RevId: 307941984
2020-04-17Merge pull request #2235 from xiaobo55x:pcidgVisor bot
PiperOrigin-RevId: 307166482
2020-04-13Merge pull request #2321 from lubinszARM:pr_nogogVisor bot
PiperOrigin-RevId: 306300032
2020-04-09remove nogo exemption for machine_arm64_unsafe.goBin Lu
Minimize the use of unsafe. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-04-08Move pagetables.limitPCID to arch-specific file.Haibo Xu
X86 provide 12 bits for PCID while arm64 support 8/16 bits ASID. Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: I0bd9236e44e6b6c4c88eb6e9adc5ac27b918bf6c
2020-04-01Automated rollback of changelist 303799678Adin Scannell
PiperOrigin-RevId: 304221302
2020-04-01Fix 386 build tagsMichael Pratt
The build tag for 32-bit x86 is 386, not i386. Updates #2298 PiperOrigin-RevId: 304206373
2020-03-30kvm: handle exit reasons even under EINTR.Adin Scannell
In the case of other signals (preemption), inject a normal bounce and defer the signal until the vCPU has been returned from guest mode. PiperOrigin-RevId: 303799678
2020-03-26Merge pull request #1986 from lubinszARM:pr_ring0_clean_1gVisor bot
PiperOrigin-RevId: 303105826
2020-03-11Import "unsafe" in bluepill_arm64_unsafe.goAndrei Vagin
This fixes a compile time error: pkg/sentry/platform/kvm/bluepill_arm64_unsafe.go:45:35: undefined: unsafe PiperOrigin-RevId: 300375687
2020-03-09Enable thread local storage support on arm64.Haibo Xu
Linux use the task.thread.uw.tp_value field to store the TLS pointer on arm64 platform, and we use a similar way in gvisor to store it in the arch/State struct. Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: Ie76b5c6d109bc27ccfd594008a96753806db7764
2020-03-06Merge branch 'master' into pr_lazy_fpsimd_2Andrei Vagin
2020-03-06Merge pull request #1963 from xiaobo55x:kvm_commongVisor bot
PiperOrigin-RevId: 299405855
2020-03-06Merge pull request #1946 from xiaobo55x:dieTrampgVisor bot
PiperOrigin-RevId: 299405663
2020-03-03platform/ptrace: don't call probeSeccomp on arm64Andrei Vagin
The support of PTRACE_SYSEMU on arm64 was added in the 5.3 kernel, so we can be sure that the current version is higher that 5.3. And this change moves vsyscall seccomp rules to the arch specific file, because vsyscall isn't supported on arm64. PiperOrigin-RevId: 298696493
2020-02-28pcids.go isn't arch-specificAndrei Vagin
Signed-off-by: Andrei Vagin <avagin@gmail.com>
2020-02-27Prepare the vcpu environment for sentry on Arm64Bin Lu
Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-02-26Merge pull request #1912 from lubinszARM:pr_kvm_buildgVisor bot
PiperOrigin-RevId: 297492004
2020-02-26Code Clean: Move arch independent codes to common file in kvm pkg.Haibo Xu
Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: Iefbdf53e8e8d6d23ae75d8a2ff0d2a6e71f414d8
2020-02-25Merge pull request #1271 from lubinszARM:pr_ring0_1gVisor bot
PiperOrigin-RevId: 297230721
2020-02-25Don't acquire contended lock with the OS thread locked.Adin Scannell
Fixes #1049 PiperOrigin-RevId: 297175164
2020-02-25Enable bluepill dieTrampoline operation on arm64.Haibo Xu
Signed-off-by: Haibo Xu <haibo.xu@arm.com> Change-Id: I9e1bf2513c23bdd8c387e5b3c874c6ad3ca9aab0
2020-02-20Code Clean:Move getUserRegisters into dieArchSetup() and other small changes.Bin Lu
Consistent with QEMU, getUserRegisters() should be an arch-specific function. So, it should be called in dieArchSetup(). With this patch and the pagetable/pcid patch, the kvm modules on Arm64 can be built successfully. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-02-18ring0/pagetables: fix typogVisor bot
PiperOrigin-RevId: 295770717
2020-02-14passed the kvm test case of "TestKernelSyscall" on Arm64Bin Lu
For kvm test case "TestKernelSyscall", redpill/syscall(-1) in guest kernel level will be trapped in el1_svc. And in el1_svc, we use mmio_exit to leave the guest. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-01-29supporting sError in guest kernel on Arm64Bin Lu
For test case 'TestBounce', we use KVM_SET_VCPU_EVENTS to trigger sError to leave guest. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-01-29Lazy-fpsimd support patch series#2: add fpsimd@Arm64 support to kvm moduleBin Lu
Add fpsimd support to KVM module so that the test case "TestKernelFloatingPoint" can be passed on Arm64 platform. Signed-off-by: Bin Lu <bin.lu@arm.com>
2020-01-27Update package locations.Adin Scannell
Because the abi will depend on the core types for marshalling (usermem, context, safemem, safecopy), these need to be flattened from the sentry directory. These packages contain no sentry-specific details. PiperOrigin-RevId: 291811289
2020-01-27Fix licenses.Adin Scannell
The preferred Copyright holder is "The gVisor Authors". PiperOrigin-RevId: 291786657
2020-01-27Standardize on tools directory.Adin Scannell
PiperOrigin-RevId: 291745021
2020-01-23Check for EINTR from KVM_CREATE_VMMichael Pratt
The kernel may return EINTR from: kvm_create_vm kvm_init_mmu_notifier mmu_notifier_register do_mmu_notifier_register mm_take_all_locks Go 1.14's preemptive scheduling signals make hitting this much more likely. PiperOrigin-RevId: 291212669
2020-01-21Merge pull request #1275 from lubinszARM:pr_ring0_5gVisor bot
PiperOrigin-RevId: 290839263
2020-01-21Merge pull request #1274 from lubinszARM:pr_ring0_4gVisor bot
PiperOrigin-RevId: 290811598
2020-01-16Merge pull request #1272 from lubinszARM:pr_ring0_2gVisor bot
PiperOrigin-RevId: 290113719
2020-01-15Merge pull request #1540 from laijs:fix-PCIDsgVisor bot
PiperOrigin-RevId: 289925133
2020-01-09New sync package.Ian Gudger
* Rename syncutil to sync. * Add aliases to sync types. * Replace existing usage of standard library sync package. This will make it easier to swap out synchronization primitives. For example, this will allow us to use primitives from github.com/sasha-s/go-deadlock to check for lock ordering violations. Updates #1472 PiperOrigin-RevId: 289033387
2020-01-09Avoid panic when c.PCIDs is nilLai Jiangshan
When PCID is disabled, there would throw a panic when dropPageTables() access to c.PCID without check. Signed-off-by: Lai Jiangshan <eag0628@gmail.com>
2020-01-08Merge pull request #1273 from lubinszARM:pr_ring_3gVisor bot
PiperOrigin-RevId: 288743614
2020-01-06platform/syscall: use syscall + int3 to execute a system call in a stub processAndrei Vagin
Right now, we need to call ptrace(PTRACE_SYSCALL) and wait() twice to execute one system call in a stub process. With these changes, we will need to call ptrace + wait only once. In addition, this allows to workaround the kernel bug when a stub process doesn't stop on syscall-exit-stop and starts executing the next system call. Reported-by: syzbot+37143cafa8dc3b5008ee@syzkaller.appspotmail.com PiperOrigin-RevId: 288393029