![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.sbin / vmd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.29 / (download) - annotate - [select for diffs], Thu Apr 27 22:47:27 2023 UTC (13 months ago) by dv
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
HEAD
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)
vmd(8): introduce multi-process model for virtio devices. Isolate virtio network and block device emulation in dedicated processes, forked and exec'd from the vm process. This allows for tightening pledge promises to just "stdio". Communication between the vcpu's and these devices now occurs via imsg channels, which adds the benefit of not always blocking the vcpu thread while emulating the device. With this commit, it's possible that vmd is the first open source hypervisor that *defaults* to a multi-process device emulation model without requiring any additional configuration from the operator. Testing help from phessler@ and Mischa Peters. ok mlarkin@
Revision 1.28 / (download) - annotate - [select for diffs], Thu Nov 10 11:46:39 2022 UTC (18 months, 3 weeks ago) by dv
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)
vmd(8): import mmio decode and emulation, disabled for now. The initial mmio support for vmd adds support for only specific MOV and MOVZX instructions. Plan is to begin iterating in-tree on other missing pieces. All functionality is gated behind an #if for now. Only change to vmm(4) is reordering register #define's in vmmvar.h. ok mlarkin@
Revision 1.27 / (download) - annotate - [select for diffs], Tue Sep 13 10:28:19 2022 UTC (20 months, 2 weeks ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.26: +4 -3 lines
Diff to previous 1.26 (colored)
Add (partial) support for agentx in vmd. Metrics can be found under mib-2.236 and VM-MIB (RFC7666). Stress tested by and happy noises from Mischa Peters OK dv@
Revision 1.26 / (download) - annotate - [select for diffs], Mon Apr 5 18:09:48 2021 UTC (3 years, 1 month ago) by dv
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.25: +3 -3 lines
Diff to previous 1.25 (colored)
Support booting from compressed kernel images. The bsd.rd ramdisk now ships gzip'd on amd64. Use libz in base to transparently handle decompression of any compressed kernel images. Patch from Josh Rickmar. ok kn@
Revision 1.25 / (download) - annotate - [select for diffs], Fri Mar 19 09:29:33 2021 UTC (3 years, 2 months ago) by kn
Branch: MAIN
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)
Remove booting from kernels in raw/qcow2 images Diff and (slightly tweaked) text below from Dave Voutila < dave at sisu dot io >, thanks! -- Since 6.7 switched to FFS2 as the default filesystem for new installs, the ability for vmd(8) to load a kernel and boot.conf from a disk image directly (without SeaBIOS) has been broken. A diff from tb to add FFS2 support never mdae it into the tree. On 5th Jan 2021, new ramdisks for amd64 have started shipping gzipped, breaking the ability to load the bsd.rd directly as a kernel image for a vmd guest without first uncompressing the image. Using BIOS works, the FFS2 change happend ten months ago and few if any have complained about the breakage. vmctl(8) is still vague about supporting it per its man page and one still has to pass the disk image twice as a "-b" and "-d" argument to boot an OpenBSD guest *without* BIOS. Josh Rickmar reported the gzip issue on bugs@ and provided patches to add support for compressed ramdisks and kernel images. The easiest way to do so is to drop support for FFS images since they require a call to fmemopen(3) while all the other logic uses fopen(3)/fdopen(3) calls and a file descriptor. It is much easier to get thsoe patches merged if they don't have to account for extracting files from disk images. -- No objections anyone "Removing it makes sense" reyk (who wrote the FFS module) OK mlarkin
Revision 1.24 / (download) - annotate - [select for diffs], Wed Sep 23 19:18:18 2020 UTC (3 years, 8 months ago) by martijn
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.23: +4 -4 lines
Diff to previous 1.23 (colored)
Revert agentx support for now, we're too close to release. requested by deraadt@
Revision 1.23 / (download) - annotate - [select for diffs], Wed Sep 23 15:52:06 2020 UTC (3 years, 8 months ago) by martijn
Branch: MAIN
Changes since 1.22: +5 -5 lines
Diff to previous 1.22 (colored)
Add support for agentx to vmd. This is based around VM-MIB from RFC7666,but does not export the full spec. People more knowledgeable of vmd are encouraged to expand on this.
Revision 1.22 / (download) - annotate - [select for diffs], Fri Jan 18 01:24:07 2019 UTC (5 years, 4 months ago) by pd
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)
disable vmd/vmctl for i386 Next commit will delete vmm(4) for i386. Reasons to delete i386 vmm: - Been broken for a while, almost no one complained. - Had been falling out of sync from amd64 while it worked. - If your machine has vmx, you most probably can run amd64, so why not run that? ok mlarkin@ deraadt@
Revision 1.21 / (download) - annotate - [select for diffs], Mon Dec 10 21:30:33 2018 UTC (5 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)
Implement the fw_cfg interface basics and use it to set the bootorder if a bootdevice was forced. This implements both the pure IO port interface and also the new DMA interface, a few direct commands are implemented which are needed but in general the "file" interface should be used. There is no write support for the guest. Tested against the latest vmm-firmware port. This requires also a -current kernel to pass the IO ports to vmd(8). OK mlarkin@ ccardenas@
Revision 1.20 / (download) - annotate - [select for diffs], Sun Sep 9 04:09:32 2018 UTC (5 years, 8 months ago) by ccardenas
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)
Add initial qcow2 image support.
Users are able to declare disk images as 'raw' or 'qcow2' using either
vmctl and vm.conf. The default disk image format is 'raw' if not specified.
Examples of using disk format:
vmctl start bsd -Lc -r cd64.iso -d qcow2:current.qc2
or
vmctl start bsd -Lc -r cd64.iso -d raw:current.raw
is equivalent to
vmctl start bsd -Lc -r cd64.iso -d current.raw
in vm.conf
vm "current" {
disable
memory 2G
disk "/home/user/vmm/current.qc2" format "qcow2"
interface { switch "external" }
}
or
vm "current" {
disable
memory 2G
disk "/home/user/vmm/current.raw" format "raw"
interface { switch "external" }
}
is equivlanet to
vm "current" {
disable
memory 2G
disk "/home/user/vmm/current.raw"
interface { switch "external" }
}
Tested by many.
Big Thanks to Ori Bernstein.
Revision 1.19 / (download) - annotate - [select for diffs], Sat Aug 25 04:16:09 2018 UTC (5 years, 9 months ago) by ccardenas
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)
Rework disks to have pluggable backends. This is prep work for adding qcow2 image support. From Ori Bernstein. Many thanks! Tested by many. OK ccardenas@
Revision 1.18 / (download) - annotate - [select for diffs], Thu Jun 28 02:21:15 2018 UTC (5 years, 11 months ago) by gsoares
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)
sync DPADD with LDADD adding missing ${LIBPTHREAD} to ensure
that binary is rebuilt in case of pthread library changes.
OK deraadt@ reyk@
Revision 1.17 / (download) - annotate - [select for diffs], Wed Jan 3 05:39:56 2018 UTC (6 years, 4 months ago) by ccardenas
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)
Add initial CD-ROM support to VMD via vioscsi. * Adds 'cdrom' keyword to vm.conf(5) and '-r' to vmctl(8) * Support various sized ISOs (Limitation of 4G ISOs on Linux guests) * Known working guests: OpenBSD (primary), Alpine Linux (primary), CentOS 6 (secondary), Ubuntu 17.10 (secondary). NOTE: Secondary indicates some issue(s) preventing full/reliable functionality outside the scope of the vioscsi work. * If the attached disks are non-bootable (i.e. empty), SeaBIOS (vmd's default BIOS) will boot from CD-ROM. ok mlarkin@, jca@
Revision 1.16 / (download) - annotate - [select for diffs], Mon Jul 3 22:21:47 2017 UTC (6 years, 11 months ago) by espie
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)
no need to generate y.tab.h if nothing uses it, set YFLAGS to nothing instead of CLEANFILES += y.tab.h okay millert@
Revision 1.15 / (download) - annotate - [select for diffs], Mon May 8 09:08:40 2017 UTC (7 years ago) by reyk
Branch: MAIN
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
Adds functions to read and write state of devices in vmd. This is required for implementing vmctl send and vmctl receive. vmctl send / receive are two new options that will support snapshotting VMs and migrating VMs from one host to another. The atomicio files are copied from usr.bin/ssh. Patch from Pratik Vyas; this project was undertaken at San Jose State University along with his three teammates, Ashwin, Harshada and Siri with mlarkin@ as the advisor. OK mlarkin@
Revision 1.14 / (download) - annotate - [select for diffs], Wed Apr 19 15:38:32 2017 UTC (7 years, 1 month ago) by reyk
Branch: MAIN
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)
Add support for dynamic "NAT" interfaces (-L/local interface). When a local interface is configured, vmd configures a /31 address on the tap(4) interface of the host and provides another IP in the same subnet via DHCP (BOOTP) to the VM. vmd runs an internal BOOTP server that replies with IP, gateway, and DNS addresses to the VM. The built-in server only ever responds to the VM on the inside and cannot leak its DHCP responses to the outside. Thanks to Uwe Werler, Josh Grosse, and some others for testing! OK deraadt@
Revision 1.13 / (download) - annotate - [select for diffs], Wed Mar 1 18:00:50 2017 UTC (7 years, 3 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.12: +4 -4 lines
Diff to previous 1.12 (colored)
Split vmm.c into two files: vm.c for the VM child, vmm.c for the parent As discussed with mlarkin@, it makes it easier to maintain the file. OK mlarkin@
Revision 1.12 / (download) - annotate - [select for diffs], Sat Nov 26 20:03:42 2016 UTC (7 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)
Implement basic support for boot.conf(8) on the disk image. Like the real boot loader, load and parse hd0a:/etc/boot.conf from the first disk and fall back to /bsd. Not all boot loader options are supported, but it at least does set device, set image, and boot -acds (eg. for booting single-user). For example, it can now boot install60.fs that includes a boot.conf with "set image /6.0/amd64/bsd.rd": vmctl start install -c -d install60.fs -d OpenBSD.img This pseudo-bootloader is only needed without BIOS and could potentially be replaced in the future. OK mlarkin@
Revision 1.11 / (download) - annotate - [select for diffs], Thu Nov 24 07:58:55 2016 UTC (7 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.10: +2 -1 lines
Diff to previous 1.10 (colored)
Add support for booting the kernel from the disk image. This make the kernel/-k argument optional and, if not specified, tries to find the /bsd kernel in the primary hd0a partition of the first disk image itself. It doesn't support hd0a:/etc/boot.conf yet, and it is no BIOS or full boot loader, but it makes booting and handling of VMs a bit easier - booting an external kernel is still supported. The UFS file system code ufs.c is directly from libsa which is also used by the real boot loader. The code compiles with a few signedness warning which will be fixed separately. OK mlarkin@
Revision 1.10 / (download) - annotate - [select for diffs], Wed Oct 26 05:26:36 2016 UTC (7 years, 7 months ago) by mlarkin
Branch: MAIN
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)
vmd(8)/vmctl(8) for i386. Some ugliness in #ifdef __i386__ areas will be fixed in tree, but the changes required were pretty minimal. Note that i386 hosts are still presently limited to running i386 guests. ok deraadt, stefan, jca
Revision 1.9 / (download) - annotate - [select for diffs], Tue Oct 4 17:17:30 2016 UTC (7 years, 7 months ago) by reyk
Branch: MAIN
Changes since 1.8: +2 -2 lines
Diff to previous 1.8 (colored)
Add a new "priv" process that is responsible for ioctls and restricted operations that aren't allowed under pledge. This is a companion to the "vmd" process that runs as root but with pledge. With the "priv" process, each new tap(4) interface now gets a description to indicate the vm, eg. "vm1-if0-myvm". For network configuration will be done by vmd/priv later. OK mlarkin@
Revision 1.8 / (download) - annotate - [select for diffs], Thu Sep 1 15:38:03 2016 UTC (7 years, 9 months ago) by mlarkin
Branch: MAIN
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)
forgot during previous commit, thanks stefan@
Revision 1.7 / (download) - annotate - [select for diffs], Thu Dec 3 16:11:32 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.6: +17 -11 lines
Diff to previous 1.6 (colored)
Add support for an optional vm.conf(5) file in vmd. This will replace vmm.conf(5) in vmmctl. For a short time, both vmd and vmmctl will support a configuration file, but vmmctl will be changed to send "load" requests to vmd instead of loading and parsing the file directly.
Revision 1.6 / (download) - annotate - [select for diffs], Wed Dec 2 22:19:11 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.5: +1 -1 lines
Diff to previous 1.5 (colored)
Split the fully privileged parent into two processes "parent" and "vmm" with reduced privileges: - the "parent" opens fds (disks, ifs, etc.) but runs as root but pledged as "stdio rpath wpath proc tty sendfd". - the "vmm" process handles the creation and supervision of vm processes, and the primary communication with the vmm(4) subsystem. It runs as _vmd in the chroot but does not use pledge, as the vmm ioctls are not allowed by any pledge model yet. With this change, vmd starts to track the configuration state of VMs in vmd and will allow other things later (like terminating a vm by name, moving the configuration parser to vmd, ...). More incremental changes will follow.
Revision 1.5 / (download) - annotate - [select for diffs], Wed Dec 2 09:14:25 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.4: +4 -3 lines
Diff to previous 1.4 (colored)
Start tweaking vmd's privsep and daemon model by splitting the main process into multiple parts and adopting the "proc.c"-style from other daemons. This allows to further reduce the privileges, to give better pledge(2), and to add some upcoming changes. "please do" mlarkin@, deraadt@
Revision 1.4 / (download) - annotate - [select for diffs], Mon Nov 23 23:41:49 2015 UTC (8 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.3: +0 -1 lines
Diff to previous 1.3 (colored)
Do not need YFLAGS=
Revision 1.3 / (download) - annotate - [select for diffs], Mon Nov 23 13:04:49 2015 UTC (8 years, 6 months ago) by reyk
Branch: MAIN
Changes since 1.2: +1 -1 lines
Diff to previous 1.2 (colored)
Add support for logging to stderr or syslog, and to run vmd in foreground with -d. OK mlarkin@ jung@
Revision 1.2 / (download) - annotate - [select for diffs], Mon Nov 23 02:44:19 2015 UTC (8 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.1: +0 -1 lines
Diff to previous 1.1 (colored)
install manpages global, since two architecture (will) use them.
Revision 1.1 / (download) - annotate - [select for diffs], Sun Nov 22 20:20:32 2015 UTC (8 years, 6 months ago) by mlarkin
Branch: MAIN
vmd(8) - virtual machine daemon. There is still a lot to be done, and fixed, in these userland components but I have received enough "it works, commit it" emails that it's time to finish those things in tree. discussed with many, tested by many.