Dragonball: migrate dragonball-sandbox crates to Kata

In order to make it easier for developers to contribute to Dragonball, we decide to migrate all dragonball-sandbox crates to Kata. fixes: #7262 Signed-off-by: Chao Wu <chaowu@linux.alibaba.com>
kata-containers · Jul 19, 2023 · bbd3c1b · bbd3c1b
1 parent 7153b51
commit bbd3c1b
Show file tree

Hide file tree

Showing 164 changed files with 55,766 additions and 272 deletions.
diff --git a/src/dragonball/Cargo.lock b/src/dragonball/Cargo.lock
diff --git a/src/dragonball/Cargo.toml b/src/dragonball/Cargo.toml
@@ -12,16 +12,16 @@ edition = "2018"
 [dependencies]
 arc-swap = "1.5.0"
 bytes = "1.1.0"
-dbs-address-space = "0.3.0"
-dbs-allocator = "0.1.0"
-dbs-arch = "0.2.0"
-dbs-boot = "0.4.0"
-dbs-device = "0.2.0"
-dbs-interrupt = { version = "0.2.0", features = ["kvm-irq"] }
-dbs-legacy-devices = "0.1.0"
-dbs-upcall = { version = "0.3.0", optional = true }
-dbs-utils = "0.2.0"
-dbs-virtio-devices = { version = "0.3.1", optional = true, features = ["virtio-mmio"] }
+dbs-address-space =  { path = "./src/dbs_address_space" }
+dbs-allocator = { path = "./src/dbs_allocator" }
+dbs-arch = { path = "./src/dbs_arch" }
+dbs-boot = { path = "./src/dbs_boot" }
+dbs-device = { path = "./src/dbs_device" }
+dbs-interrupt = { path = "./src/dbs_interrupt", features = ["kvm-irq"] }
+dbs-legacy-devices = { path = "./src/dbs_legacy_devices" }
+dbs-upcall = { path = "./src/dbs_upcall" , optional = true }
+dbs-utils = { path = "./src/dbs_utils" }
+dbs-virtio-devices = { path = "./src/dbs_virtio_devices", optional = true, features = ["virtio-mmio"] }
 kvm-bindings = "0.6.0"
 kvm-ioctls = "0.12.0"
 lazy_static = "1.2"

diff --git a/src/dragonball/README.md b/src/dragonball/README.md
@@ -16,10 +16,22 @@ and configuration process.
 
 # Documentation
 
-Device: [Device Document](docs/device.md)
-vCPU: [vCPU Document](docs/vcpu.md)
-API: [API Document](docs/api.md)
-`Upcall`: [`Upcall` Document](docs/upcall.md)
+- Device: [Device Document](docs/device.md)
+- vCPU: [vCPU Document](docs/vcpu.md)
+- API: [API Document](docs/api.md)
+- `Upcall`: [`Upcall` Document](docs/upcall.md)
+- `dbs_acpi`: [`dbs_acpi` Document](src/dbs_acpi/README.md)
+- `dbs_address_space`: [`dbs_address_space` Document](src/dbs_address_space/README.md)
+- `dbs_allocator`: [`dbs_allocator` Document](src/dbs_allocator/README.md)
+- `dbs_arch`: [`dbs_arch` Document](src/dbs_arch/README.md)
+- `dbs_boot`: [`dbs_boot` Document](src/dbs_boot/README.md)
+- `dbs_device`: [`dbs_device` Document](src/dbs_device/README.md)
+- `dbs_interrupt`: [`dbs_interrput` Document](src/dbs_interrupt/README.md)
+- `dbs_legacy_devices`: [`dbs_legacy_devices` Document](src/dbs_legacy_devices/README.md)
+- `dbs_tdx`: [`dbs_tdx` Document](src/dbs_tdx/README.md)
+- `dbs_upcall`: [`dbs_upcall` Document](src/dbs_upcall/README.md)
+- `dbs_utils`: [`dbs_utils` Document](src/dbs_utils/README.md)
+- `dbs_virtio_devices`: [`dbs_virtio_devices` Document](src/dbs_virtio_devices/README.md)
 
 Currently, the documents are still actively adding.
 You could see the [official documentation](docs/) page for more details.

diff --git a/src/dragonball/src/dbs_acpi/Cargo.toml b/src/dragonball/src/dbs_acpi/Cargo.toml
@@ -0,0 +1,14 @@
+[package]
+name = "dbs-acpi"
+version = "0.1.0"
+authors = ["Alibaba Dragonball Team"]
+description = "acpi definitions for virtual machines."
+license = "Apache-2.0"
+edition = "2018"
+homepage = "https://github.com/openanolis/dragonball-sandbox"
+repository = "https://github.com/openanolis/dragonball-sandbox"
+keywords = ["dragonball", "acpi", "vmm", "secure-sandbox"]
+readme = "README.md"
+
+[dependencies]
+vm-memory = "0.9.0"
diff --git a/src/dragonball/src/dbs_acpi/README.md b/src/dragonball/src/dbs_acpi/README.md
@@ -0,0 +1,11 @@
+# dbs-acpi
+
+`dbs-acpi` provides ACPI data structures for VMM to emulate ACPI behavior.
+
+## Acknowledgement
+
+Part of the code is derived from the [Cloud Hypervisor](https://github.com/cloud-hypervisor/cloud-hypervisor) project.
+
+## License
+
+This project is licensed under [Apache License, Version 2.0](http://www.apache.org/licenses/LICENSE-2.0).
diff --git a/src/dragonball/src/dbs_acpi/src/lib.rs b/src/dragonball/src/dbs_acpi/src/lib.rs
@@ -0,0 +1,29 @@
+// Copyright (c) 2019 Intel Corporation
+// Copyright (c) 2023 Alibaba Cloud
+//
+// SPDX-License-Identifier: Apache-2.0
+pub mod rsdp;
+pub mod sdt;
+
+fn generate_checksum(data: &[u8]) -> u8 {
+    (255 - data.iter().fold(0u8, |acc, x| acc.wrapping_add(*x))).wrapping_add(1)
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    #[test]
+    fn test_generate_checksum() {
+        let mut buf = [0x00; 8];
+        let sum = generate_checksum(&buf);
+        assert_eq!(sum, 0);
+        buf[0] = 0xff;
+        let sum = generate_checksum(&buf);
+        assert_eq!(sum, 1);
+        buf[0] = 0xaa;
+        buf[1] = 0xcc;
+        buf[4] = generate_checksum(&buf);
+        let sum = buf.iter().fold(0u8, |s, v| s.wrapping_add(*v));
+        assert_eq!(sum, 0);
+    }
+}
diff --git a/src/dragonball/src/dbs_acpi/src/rsdp.rs b/src/dragonball/src/dbs_acpi/src/rsdp.rs
@@ -0,0 +1,60 @@
+// Copyright (c) 2019 Intel Corporation
+// Copyright (c) 2023 Alibaba Cloud
+//
+// SPDX-License-Identifier: Apache-2.0
+// RSDP (Root System Description Pointer) is a data structure used in the ACPI programming interface.
+use vm_memory::ByteValued;
+
+#[repr(packed)]
+#[derive(Clone, Copy, Default)]
+pub struct Rsdp {
+    pub signature: [u8; 8],
+    pub checksum: u8,
+    pub oem_id: [u8; 6],
+    pub revision: u8,
+    _rsdt_addr: u32,
+    pub length: u32,
+    pub xsdt_addr: u64,
+    pub extended_checksum: u8,
+    _reserved: [u8; 3],
+}
+
+// SAFETY: Rsdp only contains a series of integers
+unsafe impl ByteValued for Rsdp {}
+
+impl Rsdp {
+    pub fn new(xsdt_addr: u64) -> Self {
+        let mut rsdp = Rsdp {
+            signature: *b"RSD PTR ",
+            checksum: 0,
+            oem_id: *b"ALICLD",
+            revision: 1,
+            _rsdt_addr: 0,
+            length: std::mem::size_of::<Rsdp>() as u32,
+            xsdt_addr,
+            extended_checksum: 0,
+            _reserved: [0; 3],
+        };
+        rsdp.checksum = super::generate_checksum(&rsdp.as_slice()[0..19]);
+        rsdp.extended_checksum = super::generate_checksum(rsdp.as_slice());
+        rsdp
+    }
+
+    pub fn len() -> usize {
+        std::mem::size_of::<Rsdp>()
+    }
+}
+#[cfg(test)]
+mod tests {
+    use super::Rsdp;
+    use vm_memory::bytes::ByteValued;
+    #[test]
+    fn test_rsdp() {
+        let rsdp = Rsdp::new(0xa0000);
+        let sum = rsdp
+            .as_slice()
+            .iter()
+            .fold(0u8, |acc, x| acc.wrapping_add(*x));
+        assert_eq!(sum, 0);
+    }
+}
diff --git a/src/dragonball/src/dbs_acpi/src/sdt.rs b/src/dragonball/src/dbs_acpi/src/sdt.rs
@@ -0,0 +1,137 @@
+// Copyright (c) 2019 Intel Corporation
+// Copyright (c) 2023 Alibaba Cloud
+//
+// SPDX-License-Identifier: Apache-2.0
+#[repr(packed)]
+pub struct GenericAddress {
+    pub address_space_id: u8,
+    pub register_bit_width: u8,
+    pub register_bit_offset: u8,
+    pub access_size: u8,
+    pub address: u64,
+}
+
+impl GenericAddress {
+    pub fn io_port_address<T>(address: u16) -> Self {
+        GenericAddress {
+            address_space_id: 1,
+            register_bit_width: 8 * std::mem::size_of::<T>() as u8,
+            register_bit_offset: 0,
+            access_size: std::mem::size_of::<T>() as u8,
+            address: u64::from(address),
+        }
+    }
+
+    pub fn mmio_address<T>(address: u64) -> Self {
+        GenericAddress {
+            address_space_id: 0,
+            register_bit_width: 8 * std::mem::size_of::<T>() as u8,
+            register_bit_offset: 0,
+            access_size: std::mem::size_of::<T>() as u8,
+            address,
+        }
+    }
+}
+
+pub struct Sdt {
+    data: Vec<u8>,
+}
+
+#[allow(clippy::len_without_is_empty)]
+impl Sdt {
+    pub fn new(signature: [u8; 4], length: u32, revision: u8) -> Self {
+        assert!(length >= 36);
+        const OEM_ID: [u8; 6] = *b"ALICLD";
+        const OEM_TABLE: [u8; 8] = *b"RUND    ";
+        const CREATOR_ID: [u8; 4] = *b"ALIC";
+        let mut data = Vec::with_capacity(length as usize);
+        data.extend_from_slice(&signature);
+        data.extend_from_slice(&length.to_le_bytes());
+        data.push(revision);
+        data.push(0); // checksum
+        data.extend_from_slice(&OEM_ID); // oem id u32
+        data.extend_from_slice(&OEM_TABLE); // oem table
+        data.extend_from_slice(&1u32.to_le_bytes()); // oem revision u32
+        data.extend_from_slice(&CREATOR_ID); // creator id u32
+        data.extend_from_slice(&1u32.to_le_bytes()); // creator revison u32
+        assert_eq!(data.len(), 36);
+        data.resize(length as usize, 0);
+        let mut sdt = Sdt { data };
+        sdt.update_checksum();
+        sdt
+    }
+
+    pub fn update_checksum(&mut self) {
+        self.data[9] = 0;
+        let checksum = super::generate_checksum(self.data.as_slice());
+        self.data[9] = checksum
+    }
+
+    pub fn as_slice(&self) -> &[u8] {
+        self.data.as_slice()
+    }
+
+    pub fn append<T>(&mut self, value: T) {
+        let orig_length = self.data.len();
+        let new_length = orig_length + std::mem::size_of::<T>();
+        self.data.resize(new_length, 0);
+        self.write_u32(4, new_length as u32);
+        self.write(orig_length, value);
+    }
+
+    pub fn append_slice(&mut self, data: &[u8]) {
+        let orig_length = self.data.len();
+        let new_length = orig_length + data.len();
+        self.write_u32(4, new_length as u32);
+        self.data.extend_from_slice(data);
+        self.update_checksum();
+    }
+
+    /// Write a value at the given offset
+    pub fn write<T>(&mut self, offset: usize, value: T) {
+        assert!((offset + (std::mem::size_of::<T>() - 1)) < self.data.len());
+        unsafe {
+            *(((self.data.as_mut_ptr() as usize) + offset) as *mut T) = value;
+        }
+        self.update_checksum();
+    }
+
+    pub fn write_u8(&mut self, offset: usize, val: u8) {
+        self.write(offset, val);
+    }
+
+    pub fn write_u16(&mut self, offset: usize, val: u16) {
+        self.write(offset, val);
+    }
+
+    pub fn write_u32(&mut self, offset: usize, val: u32) {
+        self.write(offset, val);
+    }
+
+    pub fn write_u64(&mut self, offset: usize, val: u64) {
+        self.write(offset, val);
+    }
+
+    pub fn len(&self) -> usize {
+        self.data.len()
+    }
+}
+#[cfg(test)]
+mod tests {
+    use super::Sdt;
+    #[test]
+    fn test_sdt() {
+        let mut sdt = Sdt::new(*b"TEST", 40, 1);
+        let sum: u8 = sdt
+            .as_slice()
+            .iter()
+            .fold(0u8, |acc, x| acc.wrapping_add(*x));
+        assert_eq!(sum, 0);
+        sdt.write_u32(36, 0x12345678);
+        let sum: u8 = sdt
+            .as_slice()
+            .iter()
+            .fold(0u8, |acc, x| acc.wrapping_add(*x));
+        assert_eq!(sum, 0);
+    }
+}
diff --git a/src/dragonball/src/dbs_address_space/Cargo.toml b/src/dragonball/src/dbs_address_space/Cargo.toml
@@ -0,0 +1,20 @@
+[package]
+name = "dbs-address-space"
+version = "0.3.0"
+authors = ["Alibaba Dragonball Team"]
+description = "address space manager for virtual machines."
+license = "Apache-2.0"
+edition = "2018"
+homepage = "https://github.com/openanolis/dragonball-sandbox"
+repository = "https://github.com/openanolis/dragonball-sandbox"
+keywords = ["dragonball", "address", "vmm", "secure-sandbox"]
+readme = "README.md"
+
+[dependencies]
+arc-swap = ">=0.4.8"
+libc = "0.2.39"
+nix = "0.23.1"
+lazy_static = "1"
+thiserror = "1"
+vmm-sys-util = "0.11.0"
+vm-memory = { version = "0.9", features = ["backend-mmap", "backend-atomic"] }
diff --git a/src/dragonball/src/dbs_address_space/LICENSE b/src/dragonball/src/dbs_address_space/LICENSE
@@ -0,0 +1 @@
+../../LICENSE