summaryrefslogtreecommitdiffstats
path: root/usr.sbin/vmd/config.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Propagate host-side tap(4) lladdr to guest vm process to allow unicast dhcpdv2021-03-291-1/+8
| | | | | | | | | | and bootp renewals with vmd(8)'s built-in dhcp server. Previous behavior ignored did not intercept these packets and instead transmitted them. This should make vmd(8)'s dhcp behave more as a true dhcp server should and allows it to work properly with the new dhcpleased(8) attempting a renewal. OK mlarkin@
* Remove booting from kernels in raw/qcow2 imageskn2021-03-191-13/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Diff and (slightly tweaked) text below from Dave Voutila < dave at sisu dot io >, thanks! -- Since 6.7 switched to FFS2 as the default filesystem for new installs, the ability for vmd(8) to load a kernel and boot.conf from a disk image directly (without SeaBIOS) has been broken. A diff from tb to add FFS2 support never mdae it into the tree. On 5th Jan 2021, new ramdisks for amd64 have started shipping gzipped, breaking the ability to load the bsd.rd directly as a kernel image for a vmd guest without first uncompressing the image. Using BIOS works, the FFS2 change happend ten months ago and few if any have complained about the breakage. vmctl(8) is still vague about supporting it per its man page and one still has to pass the disk image twice as a "-b" and "-d" argument to boot an OpenBSD guest *without* BIOS. Josh Rickmar reported the gzip issue on bugs@ and provided patches to add support for compressed ramdisks and kernel images. The easiest way to do so is to drop support for FFS images since they require a call to fmemopen(3) while all the other logic uses fopen(3)/fdopen(3) calls and a file descriptor. It is much easier to get thsoe patches merged if they don't have to account for extracting files from disk images. -- No objections anyone "Removing it makes sense" reyk (who wrote the FFS module) OK mlarkin
* add veb(4) to the list of supported bridges/switches you can configure.dlg2021-02-281-2/+2
| | | | | tested by josh rickmar ok kn@
* track the state of the vm (running, paused, etc) using a single bitfield instead ofjasper2019-05-111-7/+7
| | | | | | | | | a handful of separate variables. this will makes it easier for vmd to report and check on the individual vm states no functional change intended ok ccardenas@ mlarkin@
* Keep a list of known vms, and reuse the VM IDs.ori2018-11-261-1/+9
| | | | | | This means that when using '-L', the IP addresses of the VMs are stable. ok reyk@
* Improve error handling and logging in qcow2ori2018-11-241-8/+6
| | | | | | | This turns most warn + returns that should never happen into hard failures, and improves the user directed error messages. ok @mlarkin, @reyk
* Add support for "local inet6" interfaces.reyk2018-11-211-5/+32
| | | | ok & test ccardenas@, additional review from kn@
* I broke base images with my previous commit by missing a line.reyk2018-10-261-2/+3
| | | | | | | The disk path wasn't updated so vmd tried to open the derived disk image for each base over and over again. OK ori@ mlarkin@
* Add support to create and convert disk images from existing imagesreyk2018-10-191-28/+2
| | | | | | | | | | | | | | The -i option to vmctl create (eg. vmctl create output.qcow2 -i input.img) lets you create a new image from an input file and convert it if it is a different format. This allows to convert qcow2 images from raw images, raw from qcow2, or even qcow2 from qcow2 and raw from raw to re-optimize the disk. This re-uses Ori's vioqcow2.c from vmd by reaching into it and compiling it in. The API has been adjust to be used from both vmctl and vmd accordingly. OK mlarkin@
* Prevent VM reboot loops by rate-limiting the interval a VM can reboot.reyk2018-10-151-1/+35
| | | | | | | | | | | | | | | | | | | This looping has been experienced by people who run VMs with a broken kernel or boot loader that trigger a very fast reboot loop (triple fault) of a VM that ends up using a lot of CPU and resources on the host. Some fixes in vmm(4) and vmd(8) helped to avoid such conditions but it can still occur if something is wrong in the guest VM itself. If the VM restarts after less than VM_START_RATE_SEC (6) seconds, we increment the limit counter. After VM_START_RATE_LIMIT (3) of suchs fast reboots the VM is stopped. There are only very few people who intentionally want to reboot-loop a VM very quickly (many times within a second); mostly for fuzzing. They will have to recompile and adjust the stated #defines in the code as we don't have a config option to disable it. OK mlarkin@
* Add support for qcow2 base images (external snapshots).reyk2018-10-081-39/+96
| | | | | | | | | | | | | | | | | | | | | This works is from Ori Bernstein, committing on his behalf: Add support to vmd for external snapshots. That is, snapshots that are derived from a base image. Data lookups start in the derived image, and if the derived image does not contain some data, the search proceeds ot the base image. Multiple derived images may exist off of a single base image. A limitation of this format is that modifying the base image will corrupt the derived image. This change also adds support for creating disk derived disk images to vmctl. To use it: vmctl create derived.qcow2 -s 16G -b base.qcow2 From Ori Bernstein OK mlarkin@ reyk@
* Post-g2k18 fix: unbreak the optional vmd-internal vmboot loader.reyk2018-08-071-2/+2
| | | | | | The new vm_checkaccess() call didn't account for the vmboot case. OK ccardenas@ mikeb@
* Fix paste error in "no read access to" debug message, tweak messages.reyk2018-08-071-5/+5
| | | | Found by mikeb@
* Track resources and enforce cpu/memory/interface limits for non-root users.reyk2018-07-151-2/+17
| | | | | | | | | The limits are currently hard-coded and undocumented (4 CPUs/VMs, 2G memory, 8 interfaces) but will be configurable in an upcoming diff. These limits are tracked in total usage; for example, a user will be able to run up to 4 VMs with 512M of memory or a single VM with 2G. OK ccardenas@ mlarkin@
* Check the disk/kernel/cdrom file permissions after openening the fd.reyk2018-07-131-22/+24
| | | | | | This prevents time of TOCTOU attacks for instances. OK mlarkin@
* Add -w option to vmctl stop to wait for completion of VM termination.reyk2018-07-111-1/+2
| | | | | | Use it in /etc/rc.d/vmd accordingly. OK sthen@
* Tweak debug log messagesreyk2018-07-101-17/+16
| | | | | | | | | | | | - Turn tracing messages into DPRINTF (only compiled with DEBUG). - Pass __func__ to vm_stop and vm_remove: this way we can track who called the function in the async context. It replaces the manual log_debug in front of each vm_stop/vm_remove. This debug logging trick can be removed in the future once we are more confident about it. OK ccardenas@ mlarkin@
* print process name in debug messagereyk2018-06-191-5/+11
|
* knfreyk2018-06-191-6/+5
|
* block two VMs from using the same disk image file at the same time.mlarkin2018-03-141-2/+3
| | | | Also changes an error message in vmctl to reflect same.
* Fix Failure on Startccardenas2018-01-261-3/+8
| | | | | | | | | When attempting to start a vm from vm.conf that fails due to inadequate resources and such, do not remote vm entry from vm list. Reported by mpi@ ok mpi@
* Use log_warnx() in places where errno is irrelevant.jca2018-01-051-3/+3
| | | | ok mlarkin@ ccardenas@
* Address TOCTOU issue with checking to ensure disks are regular files.ccardenas2018-01-041-8/+8
| | | | | | Reported by jca@. Ok mlarkin@ and deraadt@
* Add initial CD-ROM support to VMD via vioscsi.ccardenas2018-01-031-1/+59
| | | | | | | | | | | | | * Adds 'cdrom' keyword to vm.conf(5) and '-r' to vmctl(8) * Support various sized ISOs (Limitation of 4G ISOs on Linux guests) * Known working guests: OpenBSD (primary), Alpine Linux (primary), CentOS 6 (secondary), Ubuntu 17.10 (secondary). NOTE: Secondary indicates some issue(s) preventing full/reliable functionality outside the scope of the vioscsi work. * If the attached disks are non-bootable (i.e. empty), SeaBIOS (vmd's default BIOS) will boot from CD-ROM. ok mlarkin@, jca@
* whitespacemlarkin2017-11-041-2/+1
|
* spacingreyk2017-09-141-12/+14
|
* vmd: add more explanatory log_debug messagesmlarkin2017-09-081-2/+12
| | | | From Carlos Cardenas, many thanks!
* vmd/vmctl: disallow use of block or character devices as disks in VMs.mlarkin2017-08-311-1/+16
| | | | | | | | | | | These don't work today and present the user with a confusing error message if an attempt is made to use them. This commit detects attempts to use block or character devices and if detected, presents the user with a better message. ok jasper From Carlos Cardenas, thanks!
* distinguish errors during vm launch and return different error codes tomlarkin2017-08-181-1/+3
| | | | | | | vmctl so that it can display proper errors for "disk missing" and "bios missing" situations. Expands on an earlier idea/diff from jasper. ok jasper@, pd@, tedu@
* Add vmctl send and vmctl receivepd2017-07-151-27/+39
| | | | ok reyk@ and mlarkin@
* Add support for rdomains.reyk2017-05-041-1/+4
| | | | | | This allows to configure VM interfaces and switches in individual rdomains. OK mlarkin@
* Add global configuration option "local prefix" to change prefix for -L.reyk2017-04-211-2/+33
| | | | | | | The default prefix is 100.64.0.0/10 from RFC6598. Requested by sthen@ chris@ OK mlarkin@
* Don't compare kernel and root disk name if both strings are empty.reyk2017-03-261-12/+12
| | | | | | This avoids jumping into vmboot in some edge conditions. OK mlarkin@
* Use the pseudo-bootloader if the boot image path matches the root disk path.reyk2017-03-261-4/+9
| | | | | | | This allows to use the non-BIOS on-disk bootloader for testing. It might go away after release when we feel more confident about BIOS. OK mlarkin@
* Boot using BIOS from /etc/firmware/vmm-bios by default.reyk2017-03-251-3/+14
| | | | | | | | | | | | | | | | Instead of using the internal "vmboot", VMs will now be booted using the external BIOS firmware in /etc/firmware/vmm-bios (which is subject to a LGPLv3 license). Direct booting of OpenBSD kernels or non-default BIOS images is still supported for now using the -b/boot option that is replacing the -k/kernel option. As requested by Theo, vmd(8) fails if neither the default BIOS is found nor a kernel has been specified in the VM configuration. The "vmm" BIOS has to be installed using fw_update(1), which will be done automatically in most cases where the OpenBSD can fetch it after install/upgrade. OK mlarkin@
* Add "locked lladdr" option to prevent VMs from spoofing MAC addresses.reyk2017-03-021-2/+3
| | | | | | | This is especially useful when multiple VMs share a switch, the implementation is independent from the underlying switch or bridge. no objections mlarkin@
* Add "owner" option to set a user/group ownership for pre-configured VMsreyk2017-03-011-3/+4
| | | | | | | This allows matching users to start or stop VMs that they "own" and to access the console accordingly. OK mlarkin@
* Replace openpty(3) with local function that uses pre-opened /dev/ptm fdreyk2017-02-271-7/+5
| | | | | | | | This allows more flexibility for upcoming changes and better pledge. We also didn't use half of the features of libutil's openpty function. Additionally, make sure that the ttys are closed correctly on shutdown. OK gilles@
* Nuke some whitespace that keeps poking me in the eye as I try tokrw2017-01-171-2/+2
| | | | steal code.
* If a VM terminates with the result EAGAIN, close all fds except thereyk2016-12-141-6/+12
| | | | | | | | pty and re-send it to the vmm monitor process. With additional changes in vmm.c, this will allow perform a cold reboot of VM. With testing and feedback from Jon Bernard OK mlarkin@
* Add support for booting the kernel from the disk image.reyk2016-11-241-8/+6
| | | | | | | | | | | | | | This make the kernel/-k argument optional and, if not specified, tries to find the /bsd kernel in the primary hd0a partition of the first disk image itself. It doesn't support hd0a:/etc/boot.conf yet, and it is no BIOS or full boot loader, but it makes booting and handling of VMs a bit easier - booting an external kernel is still supported. The UFS file system code ufs.c is directly from libsa which is also used by the real boot loader. The code compiles with a few signedness warning which will be fixed separately. OK mlarkin@
* Fix error path of config_setvm() and its callers. This unbreaksreyk2016-11-221-24/+21
| | | | | | | loading of invalid kernel files. Reported by mlarkin@ OK mlarkin@
* Pass the internal vmid or 0 to vm_register() instead of changing itreyk2016-11-041-3/+2
| | | | | | once again after setting the next available id. Suggested by edd@
* Update the config/register/get VM methods to match the config_set/getreyk2016-11-041-178/+143
| | | | | | style that is used in other places. Also keep the vmid from the parent. OK edd@
* Separate parsing vms and switches from starting them in vmd(8).edd2016-10-291-17/+40
| | | | | | | Brings us one step closer to having disabled by default vms is vm.conf(5), which can be started with vmctl(8). Input, testing and OK reyk@. Thanks.
* Allow to add an interface to an interface group; with the group keyword.reyk2016-10-151-1/+12
| | | | Requested and tested by martijn@
* The error case checks for saved_errno, set it accordinglyreyk2016-10-121-2/+2
|
* Add support for enhanced networking configuration and virtual switches.reyk2016-10-051-14/+71
| | | | | | See vm.conf(5) for more details. OK mlarkin@
* Add a new "priv" process that is responsible for ioctls and restrictedreyk2016-10-041-10/+31
| | | | | | | | | | | operations that aren't allowed under pledge. This is a companion to the "vmd" process that runs as root but with pledge. With the "priv" process, each new tap(4) interface now gets a description to indicate the vm, eg. "vm1-if0-myvm". For network configuration will be done by vmd/priv later. OK mlarkin@
* Implement fork+exec for vmd, using the same framework from httpd etc.reyk2016-09-291-5/+3
| | | | No objections from mlarkin@ sunil@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.