Showing preview only (7,732K chars total). Download the full file or copy to clipboard to get everything.
Repository: firecracker-microvm/firecracker
Branch: main
Commit: 40c67b2f428e
Files: 755
Total size: 7.2 MB
Directory structure:
gitextract_tj40a4a3/
├── .buildkite/
│ ├── common.py
│ ├── pipeline_coverage.py
│ ├── pipeline_cpu_template.py
│ ├── pipeline_cross.py
│ ├── pipeline_docker_popular.py
│ ├── pipeline_perf.py
│ ├── pipeline_pr.py
│ ├── pipeline_pr_no_block.py
│ └── pipeline_release_qa.py
├── .cargo/
│ ├── audit.toml
│ └── config.toml
├── .dockerignore
├── .git-blame-ignore-revs
├── .github/
│ ├── CODEOWNERS
│ ├── ISSUE_TEMPLATE/
│ │ ├── bug_report.md
│ │ └── feature_request.md
│ ├── codecov.yml
│ ├── dependabot.yml
│ ├── pull_request_template.md
│ └── workflows/
│ ├── deny_dirty_cargo_locks.yml
│ ├── dependency_modification_check.yml
│ ├── monitor_libseccomp_releases.yml
│ ├── send_pr_notification.yml
│ ├── send_release_notification.yml
│ └── trigger_ab_tests.yml
├── .gitignore
├── .gitlint
├── .mailmap
├── .mdformat.toml
├── .python-version
├── CHANGELOG.md
├── CHARTER.md
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── CREDITS.md
├── Cargo.toml
├── DEPRECATED.md
├── FAQ.md
├── LICENSE
├── MAINTAINERS.md
├── NOTICE
├── PGP-KEY.asc
├── README.md
├── SECURITY.md
├── SPECIFICATION.md
├── THIRD-PARTY
├── deny.toml
├── docs/
│ ├── RELEASE_POLICY.md
│ ├── api-change-runbook.md
│ ├── api_requests/
│ │ ├── actions.md
│ │ ├── block-caching.md
│ │ ├── block-io-engine.md
│ │ ├── block-vhost-user.md
│ │ ├── patch-block.md
│ │ └── patch-network-interface.md
│ ├── ballooning.md
│ ├── cpu_templates/
│ │ ├── boot-protocol.md
│ │ ├── cpu-template-helper.md
│ │ ├── cpu-templates.md
│ │ ├── cpuid-normalization.md
│ │ └── schema.json
│ ├── design.md
│ ├── dev-machine-setup.md
│ ├── device-api.md
│ ├── entropy.md
│ ├── formal-verification.md
│ ├── gdb-debugging.md
│ ├── getting-started.md
│ ├── hugepages.md
│ ├── images/
│ │ └── vsock-connections.drawio
│ ├── initrd.md
│ ├── jailer.md
│ ├── kernel-policy.md
│ ├── logger.md
│ ├── memory-hotplug.md
│ ├── metrics.md
│ ├── mmds/
│ │ ├── mmds-design.md
│ │ └── mmds-user-guide.md
│ ├── network-performance.md
│ ├── network-setup.md
│ ├── pmem.md
│ ├── prod-host-setup.md
│ ├── pvh.md
│ ├── rootfs-and-kernel-setup.md
│ ├── seccomp.md
│ ├── seccompiler.md
│ ├── snapshotting/
│ │ ├── handling-page-faults-on-snapshot-resume.md
│ │ ├── network-for-clones.md
│ │ ├── random-for-clones.md
│ │ ├── snapshot-editor.md
│ │ ├── snapshot-support.md
│ │ └── versioning.md
│ ├── tracing.md
│ └── vsock.md
├── resources/
│ ├── chroot.sh
│ ├── guest_configs/
│ │ ├── DISCLAIMER.md
│ │ ├── ci.config
│ │ ├── debug.config
│ │ ├── ftrace.config
│ │ ├── microvm-kernel-ci-aarch64-5.10.config
│ │ ├── microvm-kernel-ci-aarch64-6.1.config
│ │ ├── microvm-kernel-ci-x86_64-5.10-no-acpi.config
│ │ ├── microvm-kernel-ci-x86_64-5.10.config
│ │ ├── microvm-kernel-ci-x86_64-6.1.config
│ │ ├── pcie.config
│ │ ├── virtio-mem.config
│ │ ├── virtio-pmem.config
│ │ └── vmclock.config
│ ├── overlay/
│ │ ├── etc/
│ │ │ └── systemd/
│ │ │ └── system/
│ │ │ ├── fcnet.service
│ │ │ └── var-lib-systemd.mount
│ │ └── usr/
│ │ └── local/
│ │ └── bin/
│ │ ├── devmemread.c
│ │ ├── fast_page_fault_helper.c
│ │ ├── fcnet-setup.sh
│ │ ├── fillmem.c
│ │ ├── go_sdk_cred_provider.go/
│ │ │ └── main.go
│ │ ├── go_sdk_cred_provider_with_custom_endpoint.go/
│ │ │ └── main.go
│ │ ├── init.c
│ │ └── readmem.c
│ ├── patches/
│ │ └── vmclock/
│ │ ├── 5.10/
│ │ │ ├── 0001-ptp-vmclock-add-vm-generation-counter.patch
│ │ │ ├── 0002-ptp-vmclock-support-device-notifications.patch
│ │ │ ├── 0003-dt-bindings-ptp-Add-amazon-vmclock.patch
│ │ │ ├── 0004-ptp-ptp_vmclock-Add-device-tree-support.patch
│ │ │ ├── 0005-ptp-ptp_vmclock-add-VMCLOCK-to-ACPI-device-match.patch
│ │ │ ├── 0006-ptp-ptp_vmclock-remove-dependency-on-CONFIG_ACPI.patch
│ │ │ └── 0007-ptp-ptp_vmclock-return-TAI-not-UTC.patch
│ │ └── 6.1/
│ │ ├── 0001-ptp-vmclock-add-vm-generation-counter.patch
│ │ ├── 0002-ptp-vmclock-support-device-notifications.patch
│ │ ├── 0003-dt-bindings-ptp-Add-amazon-vmclock.patch
│ │ ├── 0004-ptp-ptp_vmclock-Add-device-tree-support.patch
│ │ ├── 0005-ptp-ptp_vmclock-add-VMCLOCK-to-ACPI-device-match.patch
│ │ ├── 0006-ptp-ptp_vmclock-remove-dependency-on-CONFIG_ACPI.patch
│ │ └── 0007-ptp-ptp_vmclock-return-TAI-not-UTC.patch
│ ├── rebuild.sh
│ └── seccomp/
│ ├── aarch64-unknown-linux-musl.json
│ ├── unimplemented.json
│ └── x86_64-unknown-linux-musl.json
├── rust-toolchain.toml
├── rustfmt.toml
├── src/
│ ├── acpi-tables/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ ├── aml.rs
│ │ ├── dsdt.rs
│ │ ├── fadt.rs
│ │ ├── lib.rs
│ │ ├── madt.rs
│ │ ├── mcfg.rs
│ │ ├── rsdp.rs
│ │ └── xsdt.rs
│ ├── clippy-tracing/
│ │ ├── Cargo.toml
│ │ ├── README.md
│ │ ├── src/
│ │ │ └── main.rs
│ │ └── tests/
│ │ └── integration_tests.rs
│ ├── cpu-template-helper/
│ │ ├── Cargo.toml
│ │ ├── build.rs
│ │ └── src/
│ │ ├── fingerprint/
│ │ │ ├── compare.rs
│ │ │ ├── dump.rs
│ │ │ └── mod.rs
│ │ ├── main.rs
│ │ ├── template/
│ │ │ ├── dump/
│ │ │ │ ├── aarch64.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── x86_64.rs
│ │ │ ├── mod.rs
│ │ │ ├── strip/
│ │ │ │ ├── aarch64.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── x86_64.rs
│ │ │ └── verify/
│ │ │ ├── aarch64.rs
│ │ │ ├── mod.rs
│ │ │ └── x86_64.rs
│ │ └── utils/
│ │ ├── aarch64.rs
│ │ ├── mock_kernel/
│ │ │ └── main.c
│ │ ├── mod.rs
│ │ └── x86_64.rs
│ ├── firecracker/
│ │ ├── Cargo.toml
│ │ ├── build.rs
│ │ ├── examples/
│ │ │ ├── README.md
│ │ │ ├── seccomp/
│ │ │ │ ├── harmless.rs
│ │ │ │ ├── jailer.rs
│ │ │ │ ├── malicious.rs
│ │ │ │ └── panic.rs
│ │ │ └── uffd/
│ │ │ ├── fault_all_handler.rs
│ │ │ ├── malicious_handler.rs
│ │ │ ├── on_demand_handler.rs
│ │ │ └── uffd_utils.rs
│ │ ├── src/
│ │ │ ├── api_server/
│ │ │ │ ├── mod.rs
│ │ │ │ ├── parsed_request.rs
│ │ │ │ └── request/
│ │ │ │ ├── actions.rs
│ │ │ │ ├── balloon.rs
│ │ │ │ ├── boot_source.rs
│ │ │ │ ├── cpu_configuration.rs
│ │ │ │ ├── drive.rs
│ │ │ │ ├── entropy.rs
│ │ │ │ ├── hotplug/
│ │ │ │ │ ├── memory.rs
│ │ │ │ │ └── mod.rs
│ │ │ │ ├── instance_info.rs
│ │ │ │ ├── logger.rs
│ │ │ │ ├── machine_configuration.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mmds.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── net.rs
│ │ │ │ ├── pmem.rs
│ │ │ │ ├── serial.rs
│ │ │ │ ├── snapshot.rs
│ │ │ │ ├── version.rs
│ │ │ │ └── vsock.rs
│ │ │ ├── api_server_adapter.rs
│ │ │ ├── generated/
│ │ │ │ ├── mod.rs
│ │ │ │ └── prctl.rs
│ │ │ ├── lib.rs
│ │ │ ├── main.rs
│ │ │ ├── metrics.rs
│ │ │ └── seccomp.rs
│ │ ├── swagger/
│ │ │ └── firecracker.yaml
│ │ └── tests/
│ │ └── verify_dependencies.rs
│ ├── jailer/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ ├── cgroup.rs
│ │ ├── chroot.rs
│ │ ├── env.rs
│ │ ├── main.rs
│ │ └── resource_limits.rs
│ ├── log-instrument/
│ │ ├── Cargo.toml
│ │ ├── README.md
│ │ ├── examples/
│ │ │ ├── five.rs
│ │ │ ├── four.rs
│ │ │ ├── one.rs
│ │ │ ├── six.rs
│ │ │ ├── three.rs
│ │ │ └── two.rs
│ │ └── src/
│ │ └── lib.rs
│ ├── log-instrument-macros/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ └── lib.rs
│ ├── pci/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ └── lib.rs
│ ├── rebase-snap/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ └── main.rs
│ ├── seccompiler/
│ │ ├── Cargo.toml
│ │ ├── build.rs
│ │ └── src/
│ │ ├── bin.rs
│ │ ├── bindings.rs
│ │ ├── lib.rs
│ │ └── types.rs
│ ├── snapshot-editor/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ ├── edit_memory.rs
│ │ ├── edit_vmstate.rs
│ │ ├── info.rs
│ │ ├── main.rs
│ │ └── utils.rs
│ ├── utils/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ ├── arg_parser.rs
│ │ ├── lib.rs
│ │ ├── time.rs
│ │ └── validators.rs
│ └── vmm/
│ ├── Cargo.toml
│ ├── benches/
│ │ ├── block_request.rs
│ │ ├── cpu_templates.rs
│ │ ├── memory_access.rs
│ │ └── queue.rs
│ ├── src/
│ │ ├── acpi/
│ │ │ ├── mod.rs
│ │ │ └── x86_64.rs
│ │ ├── arch/
│ │ │ ├── aarch64/
│ │ │ │ ├── cache_info.rs
│ │ │ │ ├── fdt.rs
│ │ │ │ ├── gic/
│ │ │ │ │ ├── gicv2/
│ │ │ │ │ │ ├── mod.rs
│ │ │ │ │ │ └── regs/
│ │ │ │ │ │ ├── dist_regs.rs
│ │ │ │ │ │ ├── icc_regs.rs
│ │ │ │ │ │ └── mod.rs
│ │ │ │ │ ├── gicv3/
│ │ │ │ │ │ ├── mod.rs
│ │ │ │ │ │ └── regs/
│ │ │ │ │ │ ├── dist_regs.rs
│ │ │ │ │ │ ├── icc_regs.rs
│ │ │ │ │ │ ├── its_regs.rs
│ │ │ │ │ │ ├── mod.rs
│ │ │ │ │ │ └── redist_regs.rs
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── regs.rs
│ │ │ │ ├── kvm.rs
│ │ │ │ ├── layout.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── output_GICv2.dtb
│ │ │ │ ├── output_GICv3.dtb
│ │ │ │ ├── output_initrd_GICv2.dtb
│ │ │ │ ├── output_initrd_GICv3.dtb
│ │ │ │ ├── regs.rs
│ │ │ │ ├── vcpu.rs
│ │ │ │ └── vm.rs
│ │ │ ├── mod.rs
│ │ │ └── x86_64/
│ │ │ ├── cpu_model.rs
│ │ │ ├── gdt.rs
│ │ │ ├── generated/
│ │ │ │ ├── arch_prctl.rs
│ │ │ │ ├── hyperv.rs
│ │ │ │ ├── hyperv_tlfs.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── mpspec.rs
│ │ │ │ ├── msr_index.rs
│ │ │ │ └── perf_event.rs
│ │ │ ├── interrupts.rs
│ │ │ ├── kvm.rs
│ │ │ ├── layout.rs
│ │ │ ├── mod.rs
│ │ │ ├── mptable.rs
│ │ │ ├── msr.rs
│ │ │ ├── regs.rs
│ │ │ ├── vcpu.rs
│ │ │ ├── vm.rs
│ │ │ └── xstate.rs
│ │ ├── builder.rs
│ │ ├── cpu_config/
│ │ │ ├── aarch64/
│ │ │ │ ├── custom_cpu_template.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── static_cpu_templates/
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── v1n1.rs
│ │ │ │ └── test_utils.rs
│ │ │ ├── mod.rs
│ │ │ ├── templates.rs
│ │ │ ├── templates_serde.rs
│ │ │ ├── test_utils.rs
│ │ │ └── x86_64/
│ │ │ ├── cpuid/
│ │ │ │ ├── amd/
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── normalize.rs
│ │ │ │ ├── common.rs
│ │ │ │ ├── intel/
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── normalize.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── normalize.rs
│ │ │ ├── custom_cpu_template.rs
│ │ │ ├── mod.rs
│ │ │ ├── static_cpu_templates/
│ │ │ │ ├── c3.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── t2.rs
│ │ │ │ ├── t2a.rs
│ │ │ │ ├── t2cl.rs
│ │ │ │ └── t2s.rs
│ │ │ └── test_utils.rs
│ │ ├── device_manager/
│ │ │ ├── acpi.rs
│ │ │ ├── legacy.rs
│ │ │ ├── mmio.rs
│ │ │ ├── mod.rs
│ │ │ ├── pci_mngr.rs
│ │ │ └── persist.rs
│ │ ├── devices/
│ │ │ ├── acpi/
│ │ │ │ ├── generated/
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── vmclock_abi.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── vmclock.rs
│ │ │ │ └── vmgenid.rs
│ │ │ ├── legacy/
│ │ │ │ ├── i8042.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── rtc_pl031.rs
│ │ │ │ └── serial.rs
│ │ │ ├── mod.rs
│ │ │ ├── pci/
│ │ │ │ ├── mod.rs
│ │ │ │ └── pci_segment.rs
│ │ │ ├── pseudo/
│ │ │ │ ├── boot_timer.rs
│ │ │ │ └── mod.rs
│ │ │ └── virtio/
│ │ │ ├── balloon/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── persist.rs
│ │ │ │ ├── test_utils.rs
│ │ │ │ └── util.rs
│ │ │ ├── block/
│ │ │ │ ├── device.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── persist.rs
│ │ │ │ ├── vhost_user/
│ │ │ │ │ ├── device.rs
│ │ │ │ │ ├── event_handler.rs
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── persist.rs
│ │ │ │ └── virtio/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── io/
│ │ │ │ │ ├── async_io.rs
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── sync_io.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── persist.rs
│ │ │ │ ├── request.rs
│ │ │ │ └── test_utils.rs
│ │ │ ├── device.rs
│ │ │ ├── generated/
│ │ │ │ ├── mod.rs
│ │ │ │ ├── virtio_blk.rs
│ │ │ │ ├── virtio_config.rs
│ │ │ │ ├── virtio_ids.rs
│ │ │ │ ├── virtio_mem.rs
│ │ │ │ ├── virtio_net.rs
│ │ │ │ └── virtio_ring.rs
│ │ │ ├── iov_deque.rs
│ │ │ ├── iovec.rs
│ │ │ ├── mem/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── persist.rs
│ │ │ │ └── request.rs
│ │ │ ├── mod.rs
│ │ │ ├── net/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── generated/
│ │ │ │ │ ├── if_tun.rs
│ │ │ │ │ ├── iff.rs
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── sockios.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── persist.rs
│ │ │ │ ├── tap.rs
│ │ │ │ └── test_utils.rs
│ │ │ ├── persist.rs
│ │ │ ├── pmem/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── persist.rs
│ │ │ ├── queue.rs
│ │ │ ├── rng/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── persist.rs
│ │ │ ├── test_utils.rs
│ │ │ ├── transport/
│ │ │ │ ├── mmio.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── pci/
│ │ │ │ ├── common_config.rs
│ │ │ │ ├── device.rs
│ │ │ │ └── mod.rs
│ │ │ ├── vhost_user.rs
│ │ │ ├── vhost_user_metrics.rs
│ │ │ └── vsock/
│ │ │ ├── csm/
│ │ │ │ ├── connection.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── txbuf.rs
│ │ │ ├── device.rs
│ │ │ ├── event_handler.rs
│ │ │ ├── metrics.rs
│ │ │ ├── mod.rs
│ │ │ ├── packet.rs
│ │ │ ├── persist.rs
│ │ │ ├── test_utils.rs
│ │ │ └── unix/
│ │ │ ├── mod.rs
│ │ │ ├── muxer.rs
│ │ │ ├── muxer_killq.rs
│ │ │ └── muxer_rxq.rs
│ │ ├── dumbo/
│ │ │ ├── mod.rs
│ │ │ ├── pdu/
│ │ │ │ ├── arp.rs
│ │ │ │ ├── bytes.rs
│ │ │ │ ├── ethernet.rs
│ │ │ │ ├── ipv4.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── tcp.rs
│ │ │ └── tcp/
│ │ │ ├── connection.rs
│ │ │ ├── endpoint.rs
│ │ │ ├── handler.rs
│ │ │ └── mod.rs
│ │ ├── gdb/
│ │ │ ├── arch/
│ │ │ │ ├── aarch64.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── x86.rs
│ │ │ ├── event_loop.rs
│ │ │ ├── mod.rs
│ │ │ └── target.rs
│ │ ├── initrd.rs
│ │ ├── io_uring/
│ │ │ ├── generated.rs
│ │ │ ├── mod.rs
│ │ │ ├── operation/
│ │ │ │ ├── cqe.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── sqe.rs
│ │ │ ├── probe.rs
│ │ │ ├── queue/
│ │ │ │ ├── completion.rs
│ │ │ │ ├── mmap.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── submission.rs
│ │ │ └── restriction.rs
│ │ ├── lib.rs
│ │ ├── logger/
│ │ │ ├── logging.rs
│ │ │ ├── metrics.rs
│ │ │ └── mod.rs
│ │ ├── mmds/
│ │ │ ├── data_store.rs
│ │ │ ├── mod.rs
│ │ │ ├── ns.rs
│ │ │ ├── persist.rs
│ │ │ ├── token.rs
│ │ │ └── token_headers.rs
│ │ ├── pci/
│ │ │ ├── bus.rs
│ │ │ ├── configuration.rs
│ │ │ ├── mod.rs
│ │ │ └── msix.rs
│ │ ├── persist.rs
│ │ ├── rate_limiter/
│ │ │ ├── mod.rs
│ │ │ └── persist.rs
│ │ ├── resources.rs
│ │ ├── rpc_interface.rs
│ │ ├── seccomp.rs
│ │ ├── signal_handler.rs
│ │ ├── snapshot/
│ │ │ ├── crc.rs
│ │ │ ├── mod.rs
│ │ │ └── persist.rs
│ │ ├── test_utils/
│ │ │ ├── mock_resources/
│ │ │ │ ├── dirtying_init.tgz
│ │ │ │ ├── make_noisy_kernel.sh
│ │ │ │ └── mod.rs
│ │ │ └── mod.rs
│ │ ├── utils/
│ │ │ ├── byte_order.rs
│ │ │ ├── mod.rs
│ │ │ ├── net/
│ │ │ │ ├── ipv4addr.rs
│ │ │ │ ├── mac.rs
│ │ │ │ └── mod.rs
│ │ │ ├── signal.rs
│ │ │ └── sm.rs
│ │ ├── vmm_config/
│ │ │ ├── balloon.rs
│ │ │ ├── boot_source.rs
│ │ │ ├── drive.rs
│ │ │ ├── entropy.rs
│ │ │ ├── instance_info.rs
│ │ │ ├── machine_config.rs
│ │ │ ├── memory_hotplug.rs
│ │ │ ├── metrics.rs
│ │ │ ├── mmds.rs
│ │ │ ├── mod.rs
│ │ │ ├── net.rs
│ │ │ ├── pmem.rs
│ │ │ ├── serial.rs
│ │ │ ├── snapshot.rs
│ │ │ └── vsock.rs
│ │ └── vstate/
│ │ ├── bus.rs
│ │ ├── interrupts.rs
│ │ ├── kvm.rs
│ │ ├── memory.rs
│ │ ├── mod.rs
│ │ ├── resources.rs
│ │ ├── vcpu.rs
│ │ └── vm.rs
│ └── tests/
│ ├── devices.rs
│ ├── integration_tests.rs
│ └── io_uring.rs
├── tests/
│ ├── README.md
│ ├── conftest.py
│ ├── data/
│ │ ├── cpu_template_helper/
│ │ │ ├── fingerprint_AMD_GENOA_5.10host.json
│ │ │ ├── fingerprint_AMD_GENOA_6.1host.json
│ │ │ ├── fingerprint_AMD_MILAN_5.10host.json
│ │ │ ├── fingerprint_AMD_MILAN_6.1host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_N1_5.10host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_N1_6.1host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_V1_5.10host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_V1_6.1host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_V2_5.10host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_V2_6.1host.json
│ │ │ ├── fingerprint_INTEL_CASCADELAKE_5.10host.json
│ │ │ ├── fingerprint_INTEL_CASCADELAKE_6.1host.json
│ │ │ ├── fingerprint_INTEL_GRANITE_RAPIDS_5.10host.json
│ │ │ ├── fingerprint_INTEL_GRANITE_RAPIDS_6.1host.json
│ │ │ ├── fingerprint_INTEL_ICELAKE_5.10host.json
│ │ │ ├── fingerprint_INTEL_ICELAKE_6.1host.json
│ │ │ ├── fingerprint_INTEL_SAPPHIRE_RAPIDS_5.10host.json
│ │ │ └── fingerprint_INTEL_SAPPHIRE_RAPIDS_6.1host.json
│ │ ├── custom_cpu_templates/
│ │ │ ├── AARCH64_WITH_SVE_AND_PAC.json
│ │ │ ├── C3.json
│ │ │ ├── GNR_TO_T2_5.10.json
│ │ │ ├── GNR_TO_T2_6.1.json
│ │ │ ├── SPR_TO_T2_5.10.json
│ │ │ ├── SPR_TO_T2_6.1.json
│ │ │ ├── T2.json
│ │ │ ├── T2A.json
│ │ │ ├── T2CL.json
│ │ │ ├── T2S.json
│ │ │ └── V1N1.json
│ │ ├── metadata.json
│ │ ├── metadata_invalid.json
│ │ └── msr/
│ │ ├── msr_list_GNR_TO_T2_5.10_INTEL_GRANITE_RAPIDS_5.10host_5.10guest.csv
│ │ ├── msr_list_GNR_TO_T2_5.10_INTEL_GRANITE_RAPIDS_5.10host_6.1guest.csv
│ │ ├── msr_list_GNR_TO_T2_6.1_INTEL_GRANITE_RAPIDS_6.1host_5.10guest.csv
│ │ ├── msr_list_GNR_TO_T2_6.1_INTEL_GRANITE_RAPIDS_6.1host_6.1guest.csv
│ │ ├── msr_list_SPR_TO_T2_5.10_INTEL_SAPPHIRE_RAPIDS_5.10host_5.10guest.csv
│ │ ├── msr_list_SPR_TO_T2_5.10_INTEL_SAPPHIRE_RAPIDS_5.10host_6.1guest.csv
│ │ ├── msr_list_SPR_TO_T2_6.1_INTEL_SAPPHIRE_RAPIDS_6.1host_5.10guest.csv
│ │ ├── msr_list_SPR_TO_T2_6.1_INTEL_SAPPHIRE_RAPIDS_6.1host_6.1guest.csv
│ │ ├── msr_list_T2A_AMD_MILAN_5.10host_5.10guest.csv
│ │ ├── msr_list_T2A_AMD_MILAN_5.10host_6.1guest.csv
│ │ ├── msr_list_T2A_AMD_MILAN_6.1host_5.10guest.csv
│ │ ├── msr_list_T2A_AMD_MILAN_6.1host_6.1guest.csv
│ │ ├── msr_list_T2CL_INTEL_CASCADELAKE_5.10host_5.10guest.csv
│ │ ├── msr_list_T2CL_INTEL_CASCADELAKE_5.10host_6.1guest.csv
│ │ ├── msr_list_T2CL_INTEL_CASCADELAKE_6.1host_5.10guest.csv
│ │ ├── msr_list_T2CL_INTEL_CASCADELAKE_6.1host_6.1guest.csv
│ │ ├── msr_list_T2CL_INTEL_ICELAKE_5.10host_5.10guest.csv
│ │ ├── msr_list_T2CL_INTEL_ICELAKE_5.10host_6.1guest.csv
│ │ ├── msr_list_T2CL_INTEL_ICELAKE_6.1host_5.10guest.csv
│ │ ├── msr_list_T2CL_INTEL_ICELAKE_6.1host_6.1guest.csv
│ │ ├── msr_list_T2S_INTEL_CASCADELAKE_5.10host_5.10guest.csv
│ │ ├── msr_list_T2S_INTEL_CASCADELAKE_5.10host_6.1guest.csv
│ │ ├── msr_list_T2S_INTEL_CASCADELAKE_6.1host_5.10guest.csv
│ │ ├── msr_list_T2S_INTEL_CASCADELAKE_6.1host_6.1guest.csv
│ │ ├── msr_reader.c
│ │ ├── msr_writer.sh
│ │ └── wrmsr_list.txt
│ ├── framework/
│ │ ├── __init__.py
│ │ ├── ab_test.py
│ │ ├── artifacts.py
│ │ ├── defs.py
│ │ ├── gitlint_rules.py
│ │ ├── guest_stats.py
│ │ ├── http_api.py
│ │ ├── jailer.py
│ │ ├── microvm.py
│ │ ├── microvm_helpers.py
│ │ ├── properties.py
│ │ ├── static_analysis.py
│ │ ├── swagger_validator.py
│ │ ├── utils.py
│ │ ├── utils_cpu_templates.py
│ │ ├── utils_cpuid.py
│ │ ├── utils_drive.py
│ │ ├── utils_fio.py
│ │ ├── utils_ftrace.py
│ │ ├── utils_imdsv2.py
│ │ ├── utils_iperf.py
│ │ ├── utils_repo.py
│ │ ├── utils_uffd.py
│ │ ├── utils_vsock.py
│ │ ├── vm_config.json
│ │ ├── vm_config_cpu_template_C3.json
│ │ ├── vm_config_missing_mem_size_mib.json
│ │ ├── vm_config_missing_vcpu_count.json
│ │ ├── vm_config_network.json
│ │ ├── vm_config_smt_true.json
│ │ ├── vm_config_with_mmdsv1.json
│ │ ├── vm_config_with_mmdsv2.json
│ │ └── with_filelock.py
│ ├── host_tools/
│ │ ├── __init__.py
│ │ ├── cargo_build.py
│ │ ├── change_net_config_space.c
│ │ ├── cpu_load.py
│ │ ├── drive.py
│ │ ├── fcmetrics.py
│ │ ├── jailer_time.c
│ │ ├── memory.py
│ │ ├── metrics.py
│ │ ├── network.py
│ │ ├── proc.py
│ │ ├── test_syscalls.c
│ │ ├── udp_offload.py
│ │ ├── vmclock-abi.h
│ │ ├── vmclock.c
│ │ ├── vsock_helper.c
│ │ └── waitpkg.c
│ ├── integration_tests/
│ │ ├── build/
│ │ │ ├── __init__.py
│ │ │ ├── test_clippy.py
│ │ │ ├── test_coverage.py
│ │ │ ├── test_dependencies.py
│ │ │ ├── test_gdb.py
│ │ │ ├── test_seccomp_no_redundant_rules.py
│ │ │ └── test_unittests.py
│ │ ├── functional/
│ │ │ ├── __init__.py
│ │ │ ├── test_api.py
│ │ │ ├── test_api_server.py
│ │ │ ├── test_balloon.py
│ │ │ ├── test_binary.py
│ │ │ ├── test_binary_size.py
│ │ │ ├── test_cmd_line_parameters.py
│ │ │ ├── test_cmd_line_start.py
│ │ │ ├── test_concurrency.py
│ │ │ ├── test_cpu_all.py
│ │ │ ├── test_cpu_features_aarch64.py
│ │ │ ├── test_cpu_features_host_vs_guest.py
│ │ │ ├── test_cpu_features_x86_64.py
│ │ │ ├── test_cpu_template_helper.py
│ │ │ ├── test_dirty_pages_in_full_snapshot.py
│ │ │ ├── test_drive_vhost_user.py
│ │ │ ├── test_drive_virtio.py
│ │ │ ├── test_error_code.py
│ │ │ ├── test_feat_parity.py
│ │ │ ├── test_gdb.py
│ │ │ ├── test_instrumented_firecracker.py
│ │ │ ├── test_kernel_cmdline.py
│ │ │ ├── test_kvm_ptp.py
│ │ │ ├── test_log_instrument.py
│ │ │ ├── test_logging.py
│ │ │ ├── test_max_devices.py
│ │ │ ├── test_metrics.py
│ │ │ ├── test_mmds.py
│ │ │ ├── test_net.py
│ │ │ ├── test_net_config_space.py
│ │ │ ├── test_pause_resume.py
│ │ │ ├── test_pci.py
│ │ │ ├── test_pmem.py
│ │ │ ├── test_pvtime.py
│ │ │ ├── test_rng.py
│ │ │ ├── test_rtc.py
│ │ │ ├── test_serial_io.py
│ │ │ ├── test_shut_down.py
│ │ │ ├── test_signals.py
│ │ │ ├── test_snapshot_basic.py
│ │ │ ├── test_snapshot_editor.py
│ │ │ ├── test_snapshot_not_losing_dirty_pages.py
│ │ │ ├── test_snapshot_phase1.py
│ │ │ ├── test_snapshot_restore_cross_kernel.py
│ │ │ ├── test_topology.py
│ │ │ ├── test_uffd.py
│ │ │ ├── test_vmclock.py
│ │ │ └── test_vsock.py
│ │ ├── performance/
│ │ │ ├── __init__.py
│ │ │ ├── test_balloon.py
│ │ │ ├── test_block.py
│ │ │ ├── test_boottime.py
│ │ │ ├── test_drive_rate_limiter.py
│ │ │ ├── test_hotplug_memory.py
│ │ │ ├── test_huge_pages.py
│ │ │ ├── test_initrd.py
│ │ │ ├── test_jailer.py
│ │ │ ├── test_memory_overhead.py
│ │ │ ├── test_mmds.py
│ │ │ ├── test_network.py
│ │ │ ├── test_pmem.py
│ │ │ ├── test_process_startup_time.py
│ │ │ ├── test_rate_limiter.py
│ │ │ ├── test_snapshot.py
│ │ │ ├── test_steal_time.py
│ │ │ ├── test_vhost_user_metrics.py
│ │ │ └── test_vsock.py
│ │ ├── security/
│ │ │ ├── __init__.py
│ │ │ ├── conftest.py
│ │ │ ├── test_custom_seccomp.py
│ │ │ ├── test_jail.py
│ │ │ ├── test_nv.py
│ │ │ ├── test_sec_audit.py
│ │ │ ├── test_seccomp.py
│ │ │ ├── test_seccomp_validate.py
│ │ │ └── test_vulnerabilities.py
│ │ ├── style/
│ │ │ ├── __init__.py
│ │ │ ├── test_gitlint.py
│ │ │ ├── test_licenses.py
│ │ │ ├── test_markdown.py
│ │ │ ├── test_python.py
│ │ │ ├── test_repo.py
│ │ │ ├── test_rust.py
│ │ │ └── test_swagger.py
│ │ └── test_kani.py
│ ├── pyproject.toml
│ └── pytest.ini
└── tools/
├── ab_plot.py
├── ab_test.py
├── bindgen-patches/
│ ├── 0001-change-c_char-to-c_uchar-in-ifrn_name.patch
│ ├── 0002-derive-clone-copy-in-io-uring.patch
│ ├── 0003-vmclock.patch
│ └── 0004-vmclock-notify.patch
├── bindgen.sh
├── bump-version.sh
├── devctr/
│ ├── Dockerfile
│ ├── ctr_gitconfig
│ └── pyproject.toml
├── devtool
├── functions
├── gh_release.py
├── release-notes.py
├── release-prepare.sh
├── release-tag.sh
├── release.sh
├── sandbox.py
├── setup-ci-artifacts.sh
├── test-popular-containers/
│ ├── build_rootfs.sh
│ ├── fcnet.start
│ ├── setup-minimal.sh
│ └── test-docker-rootfs.py
├── test.sh
├── test_bindings.py
└── update-credits.sh
================================================
FILE CONTENTS
================================================
================================================
FILE: .buildkite/common.py
================================================
# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
"""
Common helpers to create Buildkite pipelines
"""
import argparse
import ast
import json
import os
import random
import string
import subprocess
from pathlib import Path
# fmt: off
DEFAULT_INSTANCES = [
"m5n.metal", # Intel Cascade Lake
"m6i.metal", # Intel Ice Lake
"m7i.metal-24xl", # Intel Sapphire Rapids
"m7i.metal-48xl", # Intel Sapphire Rapids
"m8i.metal-48xl", # Intel Granite Rapids
"m8i.metal-96xl", # Intel Granite Rapids
"m6a.metal", # AMD Milan
"m7a.metal-48xl", # AMD Genoa
"m6g.metal", # Graviton2
"m7g.metal", # Graviton3
"m8g.metal-24xl", # Graviton4 1 socket
"m8g.metal-48xl", # Graviton4 2 sockets
]
# fmt: on
DEFAULT_PLATFORMS = [
("al2", "linux_5.10"),
("al2023", "linux_6.1"),
]
def get_arch_for_instance(instance):
"""Return instance architecture"""
return "x86_64" if instance[2] != "g" else "aarch64"
def overlay_dict(base: dict, update: dict):
"""Overlay a dict over a base one"""
base = base.copy()
for key, val in update.items():
if key in base and isinstance(val, dict):
base[key] = overlay_dict(base.get(key, {}), val)
else:
base[key] = val
return base
def field_fmt(field, args):
"""If `field` is a string, interpolate variables in `args`"""
if not isinstance(field, str):
return field
return field.format(**args)
def dict_fmt(dict_tmpl, args):
"""Apply field_fmt over a hole dict"""
res = {}
for key, val in dict_tmpl.items():
if isinstance(val, dict):
res[key] = dict_fmt(val, args)
else:
res[key] = field_fmt(val, args)
return res
def group(label, command, instances, platforms, **kwargs):
"""
Generate a group step with specified parameters, for each instance+kernel
combination
https://buildkite.com/docs/pipelines/group-step
"""
steps = []
commands = command
if isinstance(command, str):
commands = [command]
for instance in instances:
for os_, kv in platforms:
# fill any templated variables
args = {"instance": instance, "os": os_, "kv": kv}
step = {
"command": [cmd.format(**args) for cmd in commands],
"label": f"{label}-{instance}-{os_}-{kv}",
"agents": args,
}
step_kwargs = dict_fmt(kwargs, args)
step = overlay_dict(step_kwargs, step)
steps.append(step)
return {"group": label, "steps": steps}
def get_changed_files():
"""
Get all files changed since `branch`
"""
# Files are changed only in context of a PR
if os.environ.get("BUILDKITE_PULL_REQUEST", "false") == "false":
return []
branch = os.environ.get("BUILDKITE_PULL_REQUEST_BASE_BRANCH", "main")
stdout = subprocess.check_output(f"git diff --name-only origin/{branch}".split(" "))
return [Path(line) for line in stdout.decode().splitlines()]
def run_all_tests(changed_files):
"""
Check if we should run all tests, based on the files that have been changed
"""
# run the whole test suite if either of:
# - any file changed that is not documentation nor GitHub action config file
# - no files changed
return not changed_files or any(
x.suffix != ".md" and not (x.parts[0] == ".github" and x.suffix == ".yml")
for x in changed_files
)
class DictAction(argparse.Action):
"""An argparse action that can receive a nested dictionary
Examples:
--step-param a/b/c=3
{"a": {"b": {"c": 3}}}
"""
def __init__(self, option_strings, dest, nargs=None, **kwargs):
if nargs is not None:
raise ValueError("nargs not allowed")
super().__init__(option_strings, dest, **kwargs)
def __call__(self, parser, namespace, value, option_string=None):
res = getattr(namespace, self.dest, {})
key_str, val = value.split("=", maxsplit=1)
keys = key_str.split("/")
# Interpret it as a literal iff it starts like one
update = {keys[-1]: ast.literal_eval(val) if val[0] in "[{'" else val}
for key in list(reversed(keys))[1:]:
update = {key: update}
res = overlay_dict(res, update)
setattr(namespace, self.dest, res)
COMMON_PARSER = argparse.ArgumentParser()
COMMON_PARSER.add_argument(
"--instances",
required=False,
nargs="+",
default=DEFAULT_INSTANCES,
)
COMMON_PARSER.add_argument(
"--platforms",
metavar="OS-KV",
required=False,
nargs="+",
default=DEFAULT_PLATFORMS,
type=lambda arg: tuple(arg.split("-", maxsplit=1)),
)
COMMON_PARSER.add_argument(
"--step-param",
metavar="PARAM=VALUE",
help="parameters to add to each step",
required=False,
action=DictAction,
default={},
type=str,
)
COMMON_PARSER.add_argument(
"--binary-dir",
help="Use the Firecracker binaries from this path",
required=False,
default=None,
type=str,
)
COMMON_PARSER.add_argument(
"--artifacts",
help="Use the Firecracker binaries from this S3 uri",
required=False,
default=os.environ.get("ARTIFACTS_OVERRIDE"),
type=str,
)
COMMON_PARSER.add_argument(
"--no-kani",
help="Don't add kani step",
action="store_true",
default=False,
)
COMMON_PARSER.add_argument(
"--parallelism",
help="How many instances of test to create",
required=False,
default=1,
type=int,
)
def random_str(k: int):
"""Generate a random string of hex characters."""
return "".join(random.choices(string.hexdigits, k=k))
def ab_revision_build(revision):
"""Generate steps for building an A/B-test revision"""
return [f"./tools/devtool -y build --rev {revision} --release"]
def shared_build():
"""Helper function to make it simple to share a compilation artifacts for a
whole Buildkite build
"""
# We need to support 3 scenarios here:
# 1. We are running in the nightly pipeline - only compile the HEAD of main.
# 2. We are running in a PR pipeline - compile HEAD of main as revision A and HEAD of PR branch as revision B.
# 3. We are running in an A/B-test pipeline - compile what is passed via REVISION_{A,B} environment variables.
rev_a = os.environ.get("REVISION_A")
if rev_a is not None:
rev_b = os.environ.get("REVISION_B")
assert rev_b is not None, "REVISION_B environment variable not set"
build_cmds = ab_revision_build(rev_a)
if rev_a != rev_b:
build_cmds += ab_revision_build(rev_b)
elif os.environ.get("BUILDKITE_PULL_REQUEST", "false") != "false":
build_cmds = ab_revision_build(
os.environ.get("BUILDKITE_PULL_REQUEST_BASE_BRANCH", "main")
) + ["./tools/devtool -y build --release"]
else:
build_cmds = ["./tools/devtool -y build --release"]
binary_dir = f"build_$(uname -m)_{random_str(k=8)}.tar.gz"
build_cmds += [
"du -sh build/*",
f"tar czf {binary_dir} build",
f"buildkite-agent artifact upload {binary_dir}",
]
return build_cmds, binary_dir
class BKPipeline:
"""
Buildkite Pipeline class abstraction
Helper class to easily construct pipelines.
"""
parser = COMMON_PARSER
def __init__(self, with_build_step=True, **kwargs):
self.steps = []
self.args = args = self.parser.parse_args()
# Retry one time if agent was lost. This can happen if we terminate the
# instance or the agent gets disconnected for whatever reason
retry = {
"automatic": [{"exit_status": -1, "limit": 1}],
}
retry = overlay_dict(retry, kwargs.pop("retry", {}))
# Calculate step defaults with parameters and kwargs
per_instance = {
"instances": args.instances,
"platforms": args.platforms,
"artifact_paths": ["./test_results/**/*"],
"retry": retry,
**kwargs,
}
self.per_instance = overlay_dict(per_instance, args.step_param)
self.per_arch = self.per_instance.copy()
self.per_arch["instances"] = ["m6i.metal", "m7g.metal"]
self.per_arch["platforms"] = [("al2023", "linux_6.1")]
self.binary_dir = args.binary_dir
self.artifacts = args.artifacts
# Build sharing, if a binary dir wasn't already supplied
if not args.binary_dir and with_build_step:
build_cmds, self.shared_build = shared_build()
self.build_group_per_arch(
"build", build_cmds, depends_on_build=False, set_key=self.shared_build
)
else:
self.shared_build = None
def add_step(self, step, depends_on_build=True):
"""
Add a step to the pipeline.
https://buildkite.com/docs/pipelines/step-reference
:param step: a Buildkite step
:param depends_on_build: inject needed commands for sharing builds
"""
if depends_on_build and isinstance(step, dict):
step = self._adapt_group(step)
self.steps.append(step)
return step
def _adapt_group(self, group):
""""""
prepend = []
if self.shared_build is not None:
prepend = [
f'buildkite-agent artifact download "{self.shared_build}" .',
f"tar xzf {self.shared_build}",
]
if self.binary_dir is not None:
prepend.extend(
[
f'buildkite-agent artifact download "{self.binary_dir}/$(uname -m)/*" .',
f"chmod -v a+x {self.binary_dir}/**/*",
]
)
for step in group["steps"]:
step["command"] = prepend + step["command"]
if self.shared_build is not None:
if "depends_on" not in step:
step["depends_on"] = []
elif isinstance(step["depends_on"], str):
step["depends_on"] = [step["depends_on"]]
elif isinstance(step["depends_on"], list):
pass
else:
raise ValueError(
f"depends_on should be a string or a list but is {type(step['depends_on'])}"
)
step["depends_on"].append(self.shared_build)
step["depends_on"] = [
self.build_key(
dep, get_arch_for_instance(step["agents"]["instance"])
)
for dep in step["depends_on"]
]
return group
def build_group(self, *args, **kwargs):
"""
Build a group, parametrizing over the selected instances/platforms.
https://buildkite.com/docs/pipelines/group-step
"""
depends_on_build = kwargs.pop("depends_on_build", True)
combined = overlay_dict(self.per_instance, kwargs)
combined["parallelism"] = self.args.parallelism
return self.add_step(
group(*args, **combined), depends_on_build=depends_on_build
)
def build_key(self, key, arch):
"""Return the Buildkite key for the build step, for the specified arch"""
return key.replace("$(uname -m)", arch).replace(".tar.gz", "")
def build_group_per_arch(self, label, *args, **kwargs):
"""
Build a group, parametrizing over the architectures only.
kwargs consumed by this method and not passed down to `group`:
- `depends_on_build` (default: `True`): Whether the steps in this group depend on the artifacts from the shared compilation steps
- `set_key`: If a string, causes the generated steps to have a "key" field replacing "$(uname -m)" with arch and removing trailing tar.gz
"""
depends_on_build = kwargs.pop("depends_on_build", True)
set_key = kwargs.pop("set_key", None)
combined = overlay_dict(self.per_arch, kwargs)
grp = group(label, *args, **combined)
if set_key:
for step in grp["steps"]:
step["key"] = self.build_key(
set_key, get_arch_for_instance(step["agents"]["instance"])
)
return self.add_step(grp, depends_on_build=depends_on_build)
def to_dict(self):
"""Render the pipeline as a dictionary."""
return {"steps": self.steps}
def to_json(self):
"""Serialize the pipeline to JSON"""
return json.dumps(self.to_dict(), indent=4, sort_keys=True, ensure_ascii=False)
def devtool_download_artifacts(self, artifacts):
"""Generate a `devtool download_ci_artifacts` command"""
parts = ["./tools/devtool -y download_ci_artifacts"]
parts += artifacts
return " ".join(parts)
def devtool_test(self, devtool_opts=None, pytest_opts=None):
"""Generate a `devtool test` command"""
cmds = []
parts = ["./tools/devtool -y test"]
if self.shared_build is not None:
parts.append("--no-build")
if self.artifacts is not None:
parts.append(f"--artifacts '{self.artifacts}'")
if devtool_opts:
parts.append(devtool_opts)
parts.append("--")
if self.binary_dir is not None:
parts.append(f"--binary-dir=../{self.binary_dir}/$(uname -m)")
if pytest_opts:
parts.append(pytest_opts)
cmds.append(" ".join(parts))
return cmds
================================================
FILE: .buildkite/pipeline_coverage.py
================================================
#!/usr/bin/env python3
# Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
"""Generate Buildkite pipelines dynamically"""
from common import BKPipeline
pipeline = BKPipeline(with_build_step=False)
pipeline.build_group(
"coverage",
pipeline.devtool_test(
devtool_opts="--no-build",
pytest_opts="integration_tests/build/test_coverage.py",
),
)
print(pipeline.to_json())
================================================
FILE: .buildkite/pipeline_cpu_template.py
================================================
#!/usr/bin/env python3
# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
"""Generate Buildkite CPU Template pipelines dynamically"""
from enum import Enum
from common import DEFAULT_PLATFORMS, BKPipeline, group
class BkStep(str, Enum):
"""
Commonly used BuildKite step keywords
"""
LABEL = "label"
TIMEOUT = "timeout"
COMMAND = "command"
ARTIFACTS = "artifact_paths"
cpu_template_test = {
"rdmsr": {
BkStep.COMMAND: [
"tools/devtool -y test --no-build -- -m no_block_pr -n4 --dist worksteal integration_tests/functional/test_cpu_features_x86_64.py -k 'test_cpu_rdmsr' "
],
BkStep.LABEL: "rdmsr",
"instances": [
"m5n.metal",
"m6i.metal",
"m7i.metal-24xl",
"m7i.metal-48xl",
"m6a.metal",
"m7a.metal-48xl",
],
},
"fingerprint": {
BkStep.COMMAND: [
"tools/devtool -y test --no-build -- -m no_block_pr integration_tests/functional/test_cpu_template_helper.py -k test_guest_cpu_config_change",
],
BkStep.LABEL: "fingerprint",
},
"cpuid_wrmsr": {
"snapshot": {
BkStep.COMMAND: [
"tools/devtool -y test --no-build -- -m nonci -n4 --dist worksteal integration_tests/functional/test_cpu_features_x86_64.py -k 'test_cpu_wrmsr_snapshot or test_cpu_cpuid_snapshot'",
"mkdir -pv tests/snapshot_artifacts_upload/{instance}_{os}_{kv}",
"sudo mv tests/snapshot_artifacts/* tests/snapshot_artifacts_upload/{instance}_{os}_{kv}",
],
BkStep.LABEL: "snapshot-create",
BkStep.ARTIFACTS: "tests/snapshot_artifacts_upload/**/*",
BkStep.TIMEOUT: 30,
},
"restore": {
BkStep.COMMAND: [
"buildkite-agent artifact download tests/snapshot_artifacts_upload/{instance}_{os}_{kv}/**/* .",
"mv tests/snapshot_artifacts_upload/{instance}_{os}_{kv} tests/snapshot_artifacts",
"tools/devtool -y test --no-build -- -m nonci -n4 --dist worksteal integration_tests/functional/test_cpu_features_x86_64.py -k 'test_cpu_wrmsr_restore or test_cpu_cpuid_restore'",
],
BkStep.LABEL: "snapshot-restore-src-{instance}-{snapshot_os}-{snapshot_kv}-dst-{restore_instance}-{restore_os}-{restore_kv}",
BkStep.TIMEOUT: 30,
},
"cross_instances": {
"m5n.metal": ["m6i.metal"],
"m6i.metal": ["m5n.metal"],
},
"instances": [
"m5n.metal",
"m6i.metal",
"m7i.metal-24xl",
"m7i.metal-48xl",
"m6a.metal",
],
},
}
def group_snapshot_restore(test_step):
"""
Generate a group step with specified parameters for each instance
and kernel combination and handle "wait" command between steps
https://buildkite.com/docs/pipelines/group-step
"""
groups = []
groups.append(
{
"key": "snapshot",
**group(
label=test_step["snapshot"][BkStep.LABEL],
command=test_step["snapshot"][BkStep.COMMAND],
instances=test_step["instances"],
platforms=DEFAULT_PLATFORMS,
timeout=test_step["snapshot"][BkStep.TIMEOUT],
artifacts=test_step["snapshot"][BkStep.ARTIFACTS],
),
}
)
snapshot_restore_combinations = []
for dp in DEFAULT_PLATFORMS:
for src_instance in test_step["instances"]:
for dst_instance in [src_instance] + test_step["cross_instances"].get(
src_instance, []
):
snapshot_restore_combinations.append(
((dp, src_instance), (dp, dst_instance))
)
steps = []
for combination in snapshot_restore_combinations:
(snapshot_os, snapshot_kv), snapshot_instance = combination[0]
(restore_os, restore_kv), restore_instance = combination[1]
restore_commands = [
command.format(instance=snapshot_instance, os=snapshot_os, kv=snapshot_kv)
for command in test_step["restore"][BkStep.COMMAND]
]
restore_label = test_step["restore"][BkStep.LABEL].format(
instance=snapshot_instance,
snapshot_os=snapshot_os,
snapshot_kv=snapshot_kv,
restore_instance=restore_instance,
restore_os=restore_os,
restore_kv=restore_kv,
)
steps.append(
{
BkStep.COMMAND: restore_commands,
BkStep.LABEL: restore_label,
BkStep.TIMEOUT: test_step["restore"][BkStep.TIMEOUT],
"agents": {
"instance": restore_instance,
"kv": restore_kv,
"os": restore_os,
},
}
)
groups.append(
{"group": "snapshot-restore", "steps": steps, "depends_on": "snapshot"}
)
return groups
if __name__ == "__main__":
BKPipeline.parser.add_argument(
"--test",
choices=list(cpu_template_test),
help="CPU template test",
action="append",
)
pipeline = BKPipeline()
for test in pipeline.args.test or list(cpu_template_test):
if test == "cpuid_wrmsr":
groups = group_snapshot_restore(cpu_template_test[test])
for grp in groups:
pipeline.add_step(grp)
else:
test_data = cpu_template_test[test]
pipeline.build_group(**test_data, artifacts=["./test_results/**/*"])
print(pipeline.to_json())
================================================
FILE: .buildkite/pipeline_cross.py
================================================
#!/usr/bin/env python3
# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
"""Generate Buildkite Cross Snapshot/Restore pipelines dynamically
1. Generate snapshots for each instance and kernel version
2. wait
3. Restore snapshots across instances and kernels
"""
import itertools
from common import DEFAULT_PLATFORMS, BKPipeline
if __name__ == "__main__":
pipeline = BKPipeline()
per_instance = pipeline.per_instance.copy()
per_instance.pop("instances")
per_instance.pop("platforms")
instances_x86_64 = [
"m5n.metal",
"m6i.metal",
"m7i.metal-24xl",
"m7i.metal-48xl",
"m6a.metal",
"m7a.metal-48xl",
]
instances_aarch64 = ["m7g.metal"]
commands = [
"./tools/devtool -y test --no-build --no-archive -- -m nonci -n4 integration_tests/functional/test_snapshot_phase1.py",
# punch holes in mem snapshot tiles and tar them so they are preserved in S3
"find test_results/test_snapshot_phase1 -type f -name mem |xargs -P4 -t -n1 fallocate -d",
"mv -v test_results/test_snapshot_phase1 snapshot_artifacts",
"mkdir -pv snapshots",
"tar cSvf snapshots/{instance}_{kv}.tar snapshot_artifacts",
]
pipeline.build_group(
"snapshot-create",
commands,
timeout=30,
artifact_paths="snapshots/**/*",
instances=instances_x86_64,
platforms=DEFAULT_PLATFORMS,
)
pipeline.add_step("wait")
# allow-list of what instances can be restores on what other instances (in
# addition to itself)
supported = {
"m5n.metal": ["m6i.metal"],
"m6i.metal": ["m5n.metal"],
}
# https://github.com/firecracker-microvm/firecracker/blob/main/docs/kernel-policy.md#experimental-snapshot-compatibility-across-kernel-versions
aarch64_platforms = [("al2023", "linux_6.1")]
perms_aarch64 = itertools.product(
instances_aarch64, aarch64_platforms, instances_aarch64, aarch64_platforms
)
perms_x86_64 = itertools.product(
instances_x86_64, DEFAULT_PLATFORMS, instances_x86_64, DEFAULT_PLATFORMS
)
steps = []
for (
src_instance,
(_, src_kv),
dst_instance,
(dst_os, dst_kv),
) in itertools.chain(perms_x86_64, perms_aarch64):
# the integration tests already test src == dst, so we skip it
if src_instance == dst_instance and src_kv == dst_kv:
continue
# newer -> older is not supported, and does not work
if src_kv > dst_kv:
continue
if src_instance != dst_instance and dst_instance not in supported.get(
src_instance, []
):
continue
pytest_keyword_for_instance = {
"m5n.metal": "-k 'not None'",
"m6i.metal": "-k 'not None'",
"m6a.metal": "",
}
k_val = pytest_keyword_for_instance.get(dst_instance, "")
step = {
"command": [
f"buildkite-agent artifact download snapshots/{src_instance}_{src_kv}.tar .",
f"tar xSvf snapshots/{src_instance}_{src_kv}.tar",
*pipeline.devtool_test(
pytest_opts=f"-m nonci -n8 --dist worksteal {k_val} integration_tests/functional/test_snapshot_restore_cross_kernel.py",
),
],
"label": f"snapshot-restore-src-{src_instance}-{src_kv}-dst-{dst_instance}-{dst_kv}",
"timeout": 30,
"agents": {"instance": dst_instance, "kv": dst_kv, "os": dst_os},
**per_instance,
}
steps.append(step)
pipeline.add_step(
{"group": "snapshot-restore-across-instances-and-kernels", "steps": steps}
)
print(pipeline.to_json())
================================================
FILE: .buildkite/pipeline_docker_popular.py
================================================
#!/usr/bin/env python3
# Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
"""
Buildkite pipeline for testing popular Docker containers
"""
from common import BKPipeline, random_str
pipeline = BKPipeline()
ROOTFS_TAR = f"rootfs_$(uname -m)_{random_str(k=8)}.tar.gz"
pipeline.build_group_per_arch(
"rootfs-build",
[
"sudo tools/devtool sh 'tools/test-popular-containers/build_rootfs.sh'",
"cd tools/test-popular-containers",
f'tar czf "{ROOTFS_TAR}" *.squashfs *.id_rsa',
f'buildkite-agent artifact upload "{ROOTFS_TAR}"',
],
depends_on_build=False,
set_key=ROOTFS_TAR,
)
pipeline.build_group(
"docker-popular-containers",
[
"./tools/devtool ensure_current_artifacts",
f'buildkite-agent artifact download "{ROOTFS_TAR}" .',
f'tar xzf "{ROOTFS_TAR}" -C tools/test-popular-containers',
'./tools/devtool sh "cd ./tools/test-popular-containers; PYTHONPATH=../../tests ./test-docker-rootfs.py"',
],
depends_on=ROOTFS_TAR,
)
print(pipeline.to_json())
================================================
FILE: .buildkite/pipeline_perf.py
================================================
#!/usr/bin/env python3
# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
"""Generate Buildkite performance pipelines dynamically"""
# pylint: disable=invalid-name
import os
from common import BKPipeline
# In `devtool_opts`, we restrict both the set of CPUs on which the docker container's threads can run,
# and its memory node. For the cpuset, we pick a continuous set of CPUs from a single NUMA node
# that is large enough so that every firecracker thread can get its own core. We exclude core #0, as
# the operating system sometimes uses it for book-keeping tasks. The memory node (-m parameter)
# has to be the node associated with the NUMA node from which we picked CPUs.
perf_test = {
"virtio-block-sync": {
"label": "virtio-block-sync",
"tests": "integration_tests/performance/test_block.py::test_block_performance -k 'not Async'",
"devtool_opts": "-c 1-10 -m 0",
},
"virtio-block-async": {
"label": "virtio-block-async",
"tests": "integration_tests/performance/test_block.py::test_block_performance -k Async",
"devtool_opts": "-c 1-10 -m 0",
},
"vhost-user-block": {
"label": "vhost-user-block",
"tests": "integration_tests/performance/test_block.py::test_block_vhost_user_performance",
"devtool_opts": "-c 1-10 -m 0",
"ab_opts": "--noise-threshold 0.1",
},
"network": {
"label": "network",
"tests": "integration_tests/performance/test_network.py",
"devtool_opts": "-c 1-10 -m 0",
},
"snapshot-latency": {
"label": "snapshot-latency",
"tests": "integration_tests/performance/test_snapshot.py::test_restore_latency integration_tests/performance/test_snapshot.py::test_post_restore_latency integration_tests/performance/test_snapshot.py::test_snapshot_create_latency",
"devtool_opts": "-c 1-12 -m 0",
},
"population-latency": {
"label": "population-latency",
"tests": "integration_tests/performance/test_snapshot.py::test_population_latency",
"devtool_opts": "-c 1-12 -m 0",
},
"vsock-throughput": {
"label": "vsock-throughput",
"tests": "integration_tests/performance/test_vsock.py",
"devtool_opts": "-c 1-10 -m 0",
},
"memory-overhead": {
"label": "memory-overhead",
"tests": "integration_tests/performance/test_memory_overhead.py",
"devtool_opts": "-c 1-10 -m 0",
},
"boottime": {
"label": "boottime",
"tests": "integration_tests/performance/test_boottime.py::test_boottime",
"devtool_opts": "-c 1-10 -m 0",
},
"process-startup": {
"label": "process-startup",
"tests": "integration_tests/performance/test_process_startup_time.py",
"devtool_opts": "-c 1-10 -m 0",
},
"jailer": {
"label": "jailer",
"tests": "integration_tests/performance/test_jailer.py",
"devtool_opts": "-c 1-10 -m 0",
},
"pmem": {
"label": "pmem",
"tests": "integration_tests/performance/test_pmem.py",
"devtool_opts": "-c 1-10 -m 0",
},
"mmds": {
"label": "mmds",
"tests": "integration_tests/performance/test_mmds.py",
"devtool_opts": "-c 1-10 -m 0",
},
"memory-hotplug": {
"label": "memory-hotplug",
"tests": "integration_tests/performance/test_hotplug_memory.py",
"devtool_opts": "-c 1-10 -m 0",
},
}
REVISION_A = os.environ.get("REVISION_A")
REVISION_B = os.environ.get("REVISION_B")
REVISION_A_ARTIFACTS = os.environ.get("REVISION_A_ARTIFACTS")
REVISION_B_ARTIFACTS = os.environ.get("REVISION_B_ARTIFACTS")
# Either both are specified or neither. Only doing either is a bug. If you want to
# run performance tests _on_ a specific commit, specify neither and put your commit
# into buildkite's "commit" field.
assert (REVISION_A and REVISION_B) or (not REVISION_A and not REVISION_B)
assert (REVISION_A_ARTIFACTS and REVISION_B_ARTIFACTS) or (
not REVISION_A_ARTIFACTS and not REVISION_B_ARTIFACTS
)
BKPipeline.parser.add_argument(
"--test",
choices=list(perf_test.keys()),
required=False,
help="performance test",
action="append",
)
retry = {}
if REVISION_A:
# Enable automatic retry and disable manual retries to suppress spurious issues.
retry["automatic"] = [
{"exit_status": -1, "limit": 1},
{"exit_status": 1, "limit": 1},
]
retry["manual"] = False
pipeline = BKPipeline(
# Boost priority from 1 to 2 so these jobs are preferred by ag=1 agents
priority=2,
# use ag=1 instances to make sure no two performance tests are scheduled on the same instance
agents={"ag": 1},
retry=retry,
)
tests = [perf_test[test] for test in pipeline.args.test or perf_test.keys()]
for test in tests:
devtool_opts = test.pop("devtool_opts")
test_selector = test.pop("tests")
ab_opts = test.pop("ab_opts", "")
devtool_opts += " --performance"
test_script_opts = ""
artifacts = []
if REVISION_A:
devtool_opts += " --ab"
test_script_opts = f'{ab_opts} run --binaries-a build/{REVISION_A}/ --binaries-b build/{REVISION_B} --pytest-opts "{test_selector}"'
if REVISION_A_ARTIFACTS:
artifacts.append(REVISION_A_ARTIFACTS)
artifacts.append(REVISION_B_ARTIFACTS)
test_script_opts += f" --artifacts-a {REVISION_A_ARTIFACTS} --artifacts-b {REVISION_B_ARTIFACTS}"
else:
# Passing `-m ''` below instructs pytest to collect tests regardless of
# their markers (e.g. it will collect both tests marked as nonci, and
# tests without any markers).
test_script_opts += f" -m '' {test_selector}"
command = []
if artifacts:
command.append(pipeline.devtool_download_artifacts(artifacts))
command.extend(pipeline.devtool_test(devtool_opts, test_script_opts))
pipeline.build_group(
command=command,
# and the rest can be command arguments
**test,
)
# Stores the info about pinning tests to agents with particular kernel versions.
# For example, the following:
# pins = {
# "linux_6.1-pinned": {"instance": "m6i.metal", "kv": "linux_6.1"},
# }
# will pin steps running on instances "m6i.metal" with kernel version tagged "linux_6.1"
# to a new kernel version tagged "linux_6.1-pinned"
pins = {}
def apply_pins(steps):
"""Apply pins"""
new_steps = []
for step in steps:
if isinstance(step, str):
pass
elif "group" in step:
step["steps"] = apply_pins(step["steps"])
else:
agents = step["agents"]
for new_kv, match in pins.items():
# if all keys match, apply pin
if all(agents[k] == v for k, v in match.items()):
step["agents"]["kv"] = new_kv
break
new_steps.append(step)
return new_steps
pipeline.steps = apply_pins(pipeline.steps)
print(pipeline.to_json())
================================================
FILE: .buildkite/pipeline_pr.py
================================================
#!/usr/bin/env python3
# Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
"""Generate Buildkite pipelines dynamically"""
from common import BKPipeline, get_changed_files, run_all_tests
# Buildkite default job priority is 0. Setting this to 1 prioritizes PRs over
# scheduled jobs and other batch jobs.
DEFAULT_PRIORITY = 1
DEFAULTS_PERF = {
"priority": DEFAULT_PRIORITY + 1,
"agents": {"ag": 1},
}
changed_files = get_changed_files()
DOC_ONLY_CHANGE = False
if changed_files and all(f.suffix == ".md" for f in changed_files):
DOC_ONLY_CHANGE = True
pipeline = BKPipeline(
priority=DEFAULT_PRIORITY,
timeout_in_minutes=45,
with_build_step=not DOC_ONLY_CHANGE,
)
pipeline.add_step(
{
"command": "./tools/devtool -y checkstyle",
"label": "style",
},
depends_on_build=False,
)
# run sanity build of devtool if Dockerfile is changed
if any(x.parent.name == "devctr" for x in changed_files):
pipeline.build_group_per_arch(
"dev-container-sanity-build",
"./tools/devtool -y build_devctr && DEVCTR_IMAGE_TAG=latest ./tools/devtool test --no-build -- integration_tests/functional/test_api.py",
)
if any(
x.parent.name == "tools" and ("release" in x.name or x.name == "devtool")
for x in changed_files
):
pipeline.build_group_per_arch(
"release-sanity-build",
"./tools/devtool -y make_release",
depends_on_build=False,
)
if not pipeline.args.no_kani and (
not changed_files
or any(x.suffix in [".rs", ".toml", ".lock"] for x in changed_files)
or any(x.parent.name == "devctr" for x in changed_files)
or any(x.name == "test_kani.py" for x in changed_files)
):
kani_grp = pipeline.build_group(
"kani",
"./tools/devtool -y test --no-build -- ../tests/integration_tests/test_kani.py -n auto",
# Kani step default
# Kani runs fastest on m6a.metal
instances=["m6a.metal", "m7g.metal"],
platforms=[("al2023", "linux_6.1")],
timeout_in_minutes=300,
**DEFAULTS_PERF,
depends_on_build=False,
)
if run_all_tests(changed_files):
pipeline.build_group(
"build",
pipeline.devtool_test(pytest_opts="integration_tests/build/"),
depends_on_build=False,
)
pipeline.build_group(
"functional-and-security",
pipeline.devtool_test(
pytest_opts="-n 16 --dist worksteal integration_tests/{{functional,security}}",
),
)
pipeline.build_group(
"performance",
pipeline.devtool_test(
devtool_opts="--performance -c 1-10 -m 0",
pytest_opts="../tests/integration_tests/performance/",
),
**DEFAULTS_PERF,
)
print(pipeline.to_json())
================================================
FILE: .buildkite/pipeline_pr_no_block.py
================================================
#!/usr/bin/env python3
# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
"""Generate Buildkite pipelines dynamically"""
from common import BKPipeline, get_changed_files, run_all_tests
# Buildkite default job priority is 0. Setting this to 1 prioritizes PRs over
# scheduled jobs and other batch jobs.
DEFAULT_PRIORITY = 1
pipeline = BKPipeline(
with_build_step=False,
timeout_in_minutes=45,
# some non-blocking tests are performance, so make sure they get ag=1 instances
priority=DEFAULT_PRIORITY + 1,
agents={"ag": 1},
)
pipeline.build_group(
"optional",
pipeline.devtool_test(
devtool_opts="--performance -c 1-10 -m 0",
pytest_opts="integration_tests/ -m no_block_pr --log-cli-level=INFO",
),
)
if not run_all_tests(get_changed_files()):
pipeline.steps = []
print(pipeline.to_json())
================================================
FILE: .buildkite/pipeline_release_qa.py
================================================
#!/usr/bin/env python3
# Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: Apache-2.0
"""
Buildkite pipeline for release QA
"""
from common import BKPipeline
pipeline = BKPipeline(with_build_step=False)
# NOTE: we need to escape $ using $$ otherwise buildkite tries to replace it instead of the shell
pipeline.add_step(
{
"label": "download-release",
"if": 'build.env("VERSION") != "dev"',
"command": [
"aws s3 sync --no-sign-request s3://spec.ccfc.min/firecracker-ci/firecracker/$$VERSION release-$$VERSION",
'buildkite-agent artifact upload "release-$$VERSION/**/*"',
],
},
depends_on_build=False,
)
pipeline.build_group_per_arch(
"make-release",
# if is a keyword for python, so we need this workaround to expand it as a kwarg
**{"if": 'build.env("VERSION") == "dev"'},
command=[
"./tools/devtool -y make_release",
"RELEASE_DIR=$$(echo release-*dev-$$(uname -m))",
"RELEASE_SUFFIX=$${{RELEASE_DIR#release}}",
"OUT_DIR=release-$$VERSION/$$(uname -m)",
"mkdir -p $$OUT_DIR",
(
"for f in $$RELEASE_DIR/*-$$(uname -m); do"
" mv $$f $$OUT_DIR/$$(basename $$f $$RELEASE_SUFFIX);"
" mv $$f.debug $$OUT_DIR/$$(basename $$f $$RELEASE_SUFFIX).debug;"
"done"
),
'buildkite-agent artifact upload "release-$$VERSION/**/*"',
],
depends_on_build=False,
)
# The devtool expects the examples to be in the same folder as the binaries to run some tests
# (for example, uffd handler tests). Build them and upload them in the same folder.
pipeline.build_group_per_arch(
"build-examples",
command=[
"CARGO_TARGET=$$(uname -m)-unknown-linux-musl",
"./tools/devtool -y sh cargo build --target $$CARGO_TARGET --release --examples",
"mkdir -p release-$$VERSION/$$(uname -m)/",
"cp -R build/cargo_target/$$CARGO_TARGET/release/examples release-$$VERSION/$$(uname -m)/",
'buildkite-agent artifact upload "release-$$VERSION/**/*"',
],
depends_on_build=False,
)
pipeline.add_step("wait", depends_on_build=False)
pipeline.add_step(
{
"label": "run-pr-pipeline",
"command": (
".buildkite/pipeline_pr.py --binary-dir release-$$VERSION "
"| jq '(..|select(.priority? != null).priority) += 100' "
"| buildkite-agent pipeline upload"
),
},
depends_on_build=False,
)
print(pipeline.to_json())
================================================
FILE: .cargo/audit.toml
================================================
[advisories]
# The `paste` dependency is transitively included via `gdbstub`.
# While the crate is archived/unmaintained, the author considers it feature-complete
# and functionally stable. gdbstub will be update once they migrate
# to an alternative solution.
# See https://github.com/daniel5151/gdbstub/issues/168
ignore = ["RUSTSEC-2024-0436"]
================================================
FILE: .cargo/config.toml
================================================
[build]
target-dir = "build/cargo_target"
rustflags = [
"-Ccodegen-units=1",
]
[net]
git-fetch-with-cli = true
[env]
AWS_LC_SYS_NO_JITTER_ENTROPY = "1"
# disable AVX512 as it adds 600k of binary size
# this was only used for MMDS token generation
AWS_LC_SYS_CFLAGS = "-DMY_ASSEMBLER_IS_TOO_OLD_FOR_512AVX"
================================================
FILE: .dockerignore
================================================
.git/
build/
src/
tests/
docs/
resources/
tools/test-popular-containers/
test_results/
================================================
FILE: .git-blame-ignore-revs
================================================
8d2463fa21386d6c0c90b2010aaee5550b505c87
ae93e49470433648b144a64514eef708cce15143
45739f4b57b7b824473b612aefebec8b7c2e31fd
7221ae7f943bcd127c6710e81d9fa2f520afa073
7c4687fab64d4dd574fe43cf583a302b43ce53ab
================================================
FILE: .github/CODEOWNERS
================================================
# All markdown files
*.md @xmarcalx @kalyazin @pb8o @Manciukic
# But not the ones in docs/
docs/*.md
# Except these specific ones
docs/getting-started.md @xmarcalx @kalyazin @pb8o @Manciukic
docs/prod-host-setup.md @xmarcalx @kalyazin @pb8o @Manciukic
# Also cover all "*policy*.md" documents
**/*policy*.md @xmarcalx @kalyazin @pb8o @Manciukic
**/*POLICY*.md @xmarcalx @kalyazin @pb8o @Manciukic
# Also these non-md files in the repository root
THIRD_PARTY @xmarcalx @kalyazin @pb8o @Manciukic
LICENSE @xmarcalx @kalyazin @pb8o @Manciukic
NOTICE @xmarcalx @kalyazin @pb8o @Manciukic
PGP-KEY.asc @xmarcalx @kalyazin @pb8o @Manciukic
================================================
FILE: .github/ISSUE_TEMPLATE/bug_report.md
================================================
---
name: Bug report
about: Create a report to help us improve
title: '[Bug] Title'
labels: 'Quality: Bug'
assignees: ''
---
# Describe the bug
`[Author TODO: A clear and concise description of what the bug is.]`
## To Reproduce
`[Author TODO: Steps to reproduce the behaviour:]`
1. Start Firecracker via....
1. Configure Firecracker via...
1. ...
## Expected behaviour
`[Author TODO: A clear and concise description of what you expected to happen.]`
## Environment
`[Author TODO: Please supply the following information):]`
- Firecracker version:
- Host and guest kernel versions:
- Rootfs used:
- Architecture:
- Any other relevant software versions:
## Additional context
`[Author TODO: How has this bug affected you?]`
`[Author TODO: What are you trying to achieve?]`
`[Author TODO: Do you have any idea of what the solution might be?]`
## Checks
- [ ] Have you searched the Firecracker Issues database for similar problems?
- [ ] Have you read the existing relevant Firecracker documentation?
- [ ] Are you certain the bug being reported is a Firecracker issue?
================================================
FILE: .github/ISSUE_TEMPLATE/feature_request.md
================================================
---
name: Feature request
about: Suggest an idea for this project
title: '[Feature Request] Title'
labels: ''
assignees: ''
---
# Feature Request
`[Author TODO: Why is this feature request important? What are the use cases? Please describe.]`
## Describe the desired solution
`[Author TODO: A clear and concise description of how you would like the feature to work.]`
## Describe possible alternatives
`[Author TODO: A clear and concise description of any alternative solutions or features you have considered.]`
`[Author TODO: How do you work around not having this feature?]`
## Additional context
`[Author TODO: Add additional context about this feature request here.]`
## Checks
- [ ] Have you searched the Firecracker Issues database for similar requests?
- [ ] Have you read all the existing relevant Firecracker documentation?
- [ ] Have you read and understood Firecracker's core tenets?
================================================
FILE: .github/codecov.yml
================================================
codecov:
# We utilize optional statuses that are okay to fail, so
# having codecov only post if all statuses pass won't work.
require_ci_to_pass: no
notify:
# No need to wait for long running tests if the build tests are done.
wait_for_ci: false
coverage:
# Our target is 80% coverage
range: 80..100
status:
project:
firecracker:
# Allow drop of up to 0.5%
threshold: 0.5%
target: 80%
# There are 15 uploads per commit (|{instance type} x {kernel version}| = 15).
# Codecov will update the comment with every new upload. If we want to instead
# only post the comment after all 15 reports are received, add `after_n_builds: 15`
# below
comment:
# Only relevant for initial report: We want a report even though
# codecov integration is not merged to main yet, to see it works
# without having to go through multiple PR cycles.
require_base: false
================================================
FILE: .github/dependabot.yml
================================================
version: 2
updates:
- package-ecosystem: "cargo"
directory: "/"
schedule:
interval: "weekly"
day: "monday"
allow:
- dependency-type: "all"
groups:
rust-vmm:
patterns:
- "vmm-sys-util"
- "kvm-bindings"
- "kvm-ioctls"
- "vm-memory"
- "vhost"
- "linux-loader"
- "vm-allocator"
- "event-manager"
- "vm-superio"
firecracker:
patterns:
- "*"
exclude-patterns:
- "vmm-sys-util"
- "kvm-bindings"
- "kvm-ioctls"
- "vm-memory"
- "vhost"
- "linux-loader"
- "vm-allocator"
- "event-manager"
- "vm-superio"
- package-ecosystem: "rust-toolchain"
directory: "/"
schedule:
interval: "weekly"
day: "monday"
================================================
FILE: .github/pull_request_template.md
================================================
## Changes
...
## Reason
...
## License Acceptance
By submitting this pull request, I confirm that my contribution is made under
the terms of the Apache 2.0 license. For more information on following Developer
Certificate of Origin and signing off your commits, please check
[`CONTRIBUTING.md`][3].
## PR Checklist
- [ ] I have read and understand [CONTRIBUTING.md][3].
- [ ] I have run `tools/devtool checkbuild --all` to verify that the PR passes
build checks on all supported architectures.
- [ ] I have run `tools/devtool checkstyle` to verify that the PR passes the
automated style checks.
- [ ] I have described what is done in these changes, why they are needed, and
how they are solving the problem in a clear and encompassing way.
- [ ] I have updated any relevant documentation (both in code and in the docs)
in the PR.
- [ ] I have mentioned all user-facing changes in `CHANGELOG.md`.
- [ ] If a specific issue led to this PR, this PR closes the issue.
- [ ] When making API changes, I have followed the
[Runbook for Firecracker API changes][2].
- [ ] I have tested all new and changed functionalities in unit tests and/or
integration tests.
- [ ] I have linked an issue to every new `TODO`.
______________________________________________________________________
- [ ] This functionality cannot be added in [`rust-vmm`][1].
[1]: https://github.com/rust-vmm
[2]: https://github.com/firecracker-microvm/firecracker/blob/main/docs/api-change-runbook.md
[3]: https://github.com/firecracker-microvm/firecracker/blob/main/CONTRIBUTING.md
================================================
FILE: .github/workflows/deny_dirty_cargo_locks.yml
================================================
name: Check no Cargo.lock files are dirty
on: pull_request
permissions:
contents: read
jobs:
no_dirty_cargo_locks_check:
runs-on: ubuntu-latest
steps:
- name: "Checkout repository"
uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: "Check no Cargo.lock files are dirty"
run: |
exit_code=0
# This breaks for paths with whitespaces in them, but we have an integration test
# that prevents those from existing in this repository.
for f in $(find . -name 'Cargo.lock' -not -path "./build/*"); do
is_dirty=0
(
cd "$(dirname "$f")"
cargo --locked metadata --format-version 1 >/dev/null 2>&1
) || is_dirty=$?;
# GitHub Actions execute run steps as `bash -e`, so we need the temporary
# variable to not exit early.
if [ $is_dirty -ne 0 ]; then
echo "Lockfile $f is dirty"
exit_code=1
fi
done
exit $exit_code
================================================
FILE: .github/workflows/dependency_modification_check.yml
================================================
name: Check no dependencies were modified
on: pull_request
permissions:
contents: read
jobs:
dependency_changed_check:
runs-on: ubuntu-latest
steps:
- name: "Checkout repository"
uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: "Check Cargo.lock not in changeset"
run: |
git fetch origin
git diff origin/$GITHUB_BASE_REF.. --name-only| ( ! grep "Cargo.lock")
================================================
FILE: .github/workflows/monitor_libseccomp_releases.yml
================================================
name: Monitor libseccomp Releases
on:
schedule:
- cron: '0 0 * * *' # Daily at midnight UTC
workflow_dispatch: # Allow manual trigger
permissions:
issues: write
contents: read
jobs:
check-release:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Get current libseccomp version from Dockerfile
id: current
run: |
CURRENT=$(grep 'LIBSECCOMP_VER' tools/devctr/Dockerfile | grep -oP "v[0-9.]+")
echo "version=$CURRENT" >> $GITHUB_OUTPUT
- name: Check for new libseccomp release
id: latest
run: |
LATEST=$(curl -s https://api.github.com/repos/seccomp/libseccomp/releases/latest | jq -r '.tag_name')
echo "version=$LATEST" >> $GITHUB_OUTPUT
- name: Check latest version is newer
id: semver_check
run: |
CURRENT=$(echo ${{ steps.current.outputs.version }} | grep -oP "[0-9.]+")
LATEST=$(echo ${{ steps.latest.outputs.version }} | grep -oP "[0-9.]+")
if ! printf '%s\n%s' "$LATEST" "$CURRENT" | sort -VC && [ "$CURRENT" != "$LATEST" ]; then
echo "is_newer=true" >> $GITHUB_OUTPUT;
else
echo "is_newer=false" >> $GITHUB_OUTPUT;
fi
- name: Check if issue exists
if: steps.semver_check.outputs.is_newer == 'true' # New release has higher semantic version
id: issue_check
run: |
ISSUES=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
"https://api.github.com/repos/${{ github.repository }}/issues?state=open&labels=dependencies" | \
jq -r --arg tag "${{ steps.latest.outputs.version }}" '[.[] | select(.title | contains("chore(deps): update libseccomp to \($tag)"))] | length')
echo "exists=$ISSUES" >> $GITHUB_OUTPUT
- name: Create issue for new release
id: create_issue
if: steps.semver_check.outputs.is_newer == 'true' && steps.issue_check.outputs.exists == '0' # No existing issue for new version
run: |
gh issue create \
--title "chore(deps): update libseccomp to ${{ steps.latest.outputs.version }}" \
--body "$(cat <<EOF
A new version of libseccomp has been released: **${{ steps.latest.outputs.version }}**
Current version in Dockerfile: **${{ steps.current.outputs.version }}**
Repository: https://github.com/seccomp/libseccomp/releases/tag/${{ steps.latest.outputs.version }}
Please review and consider updating Firecracker's dependency in \`tools/devctr/Dockerfile\`.
EOF
)" \
--label "dependencies"
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
================================================
FILE: .github/workflows/send_pr_notification.yml
================================================
name: Send notification on PR opened
on:
pull_request_target:
types: [labeled]
permissions: {}
jobs:
send_notification:
runs-on: ubuntu-latest
steps:
- name: notify
run: |
if ${{ github.event.label.name == format('Status{0} Awaiting review', ':') }}; then
curl -X POST ${{ secrets.SLACK_PR_NOTIFICATION_WEBHOOK }} \
-H 'Content-Type: application/json' \
-d '{ "GITHUB_PR_URL": "${{ github.event.pull_request.html_url }}",
"PR_ADDITIONS": "${{ github.event.pull_request.additions }}",
"PR_DELETIONS": "${{ github.event.pull_request.deletions }}",
"PR_CHANGED_FILES": "${{ github.event.pull_request.changed_files }}"}'
fi
================================================
FILE: .github/workflows/send_release_notification.yml
================================================
name: Send notification on release created
on:
release:
types: [published]
permissions: {}
jobs:
send_notification:
runs-on: ubuntu-latest
steps:
- name: notify
run: |
curl -X POST ${{ secrets.SLACK_RELEASE_NOTIFICATION_WEBHOOK }} \
-H 'Content-Type: application/json' \
-d '{ "GITHUB_RELEASE_URL": "${{ github.event.release.html_url }}",
"GITHUB_RELEASE_TAG": "${{ github.event.release.tag_name }}"}'
================================================
FILE: .github/workflows/trigger_ab_tests.yml
================================================
on:
push:
branches:
- main
- firecracker-v*
- feature/*
permissions:
contents: read
jobs:
trigger_ab_test:
runs-on: ubuntu-latest
if: ${{ github.event.forced == false }}
steps:
- name: "Check out repository"
uses: actions/checkout@v4
with:
# Required to make it fetch more than the just fetched commits (we need it to resolve at least one commit
# _before_ what was pushed so that below "git diff" works.
fetch-depth: 0
- name: "Trigger Buildkite Pipeline"
run: |
should_schedule_ab_test=0
# Iterates over all files modified in the just-merged PR. If any of them is rust-related (e.g. .rs, .toml,
# .lock or .cargo/config) or a seccomp definition (resources/seccomp/*), sets `should_schedule_ab_test` to 1,
# meaning we will schedule a build of the A/B-testing pipeline to check the just-merged PR for
# performance regressions.
for f in $(git --no-pager diff --name-only ${{ github.event.before }}..${{ github.event.after }}); do
if [[ "$(basename $f)" =~ (\.(rs|toml|lock)|config)$ ]] || [[ "$f" =~ ^resources/seccomp/ ]]; then
should_schedule_ab_test=1
fi
done
if [[ $should_schedule_ab_test -eq 1 ]]; then
curl -X POST https://api.buildkite.com/v2/organizations/firecracker/pipelines/performance-a-b-tests/builds \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer ${{ secrets.BUILDKITE_TOKEN }}' \
-d "{
\"commit\": \"HEAD\",
\"branch\": \"$GITHUB_REF_NAME\",
\"env\": {
\"REVISION_A\": \"${{ github.event.before }}\",
\"REVISION_B\": \"${{ github.event.after }}\"
}
}"
fi
================================================
FILE: .gitignore
================================================
/build/
/.ipython/
/.kernel/
target
*.rs.bk
*.iml
.idea
__pycache__
*.pyc
.vscode
test_results/*
tags
*.core
*.profraw
.DS_Store
*.bin
/resources/linux
/resources/x86_64
/resources/aarch64
================================================
FILE: .gitlint
================================================
[general]
regex-style-search=True
[title-max-length]
line-length=72
[body-max-line-length]
line-length=72
[ignore-body-lines]
# Ignore HTTP reference links
# Ignore lines that start with 'Co-Authored-By', with 'Signed-off-by' or with 'Fixes'
regex=(^\[.+\]: http.+)|(^Co-Authored-By)|(^Signed-off-by)|(^Fixes:)
[ignore-by-author-name]
# Ignore certain rules for commits of which the author name matches a regex
# E.g. Match commits made by dependabot
regex=dependabot
# Ignore certain rules, you can reference them by their id or by their full name
# Use 'all' to ignore all rules. Dependabot constructs commit bodies from
# changelogs, so disable all rules.
ignore=all
================================================
FILE: .mailmap
================================================
Alexandra Iordache <aghecen@amazon.com> Alexandra Ghecenco <aghecen@amazon.com>
Alexandru Branciog <branciog@amazon.com> <31914537+alexbranciog@users.noreply.github.com>
Bogdan Ionita <bci@amazon.com> <bci@u249973545f4b59.ant.amazon.com>
Liu Jiang <gerry@linux.alibaba.com> <liu.jiang@alibaba-inc.com>
Marc Brooker <mbrooker@amazon.com> <marcbrooker@users.noreply.github.com>
Radu Weiss <raduweis@amazon.com> <31901393+raduweiss@users.noreply.github.com>
Rolf Neugebauer <neugebar@amazon.com> <rn@rneugeba.io>
Serban Iorga <seriorga@amazon.com> <serban300@gmail.com>
Julian Stecklina <js@alien8.de> <jsteckli@amazon.de>
Tamio-Vesa Nakajima <tamiove@amazon.com> <tnk@amazon.com>
Iulian Barbu <iul@amazon.com>
Petre Eftime <epetre@amazon.com> <petre.eftime@gmail.com>
karthik nedunchezhiyan <karthik.n@zohocorp.com> <karthik1705.n@gmail.com>
Alin Dima <alindima@amazon.com>
Andrei Sandu <sandreim@amazon.com> <54316454+sandreim@users.noreply.github.com>
Diana Popa <dpopa@amazon.com> <dpopa@38f9d3563971.ant.amazon.com>
Alexandru Cihodaru <cihodar@amazon.com>
Liviu Berciu <lberciu@amazon.com>
Jonathan Woollett-Light <jcawl@amazon.co.uk> <jonathanwoollettlight@gmail.com>
Jonathan Woollett-Light <jcawl@amazon.co.uk> <jonthanwoollettlight@gmail.com>
Sudan Landge <sudanl@amazon.co.uk> <119602619+sudanl0@users.noreply.github.com>
Sudan Landge <sudanl@amazon.co.uk> <sudanl@amazon.com>
karthik nedunchezhiyan <karthik.n@zohocorp.com>
Babis Chalios <bchalios@amazon.es> <babis.chalios@gmail.com>
Pablo Barbáchano <pablob@amazon.com>
Nikita Kalyazin <kalyazin@amazon.co.uk> <kalyazin@amazon.com>
Trăistaru Andrei Cristian <atc@amazon.com>
Trăistaru Andrei Cristian <atc@amazon.com> <56828222+andreitraistaru@users.noreply.github.com>
Takahiro Itazuri <itazur@amazon.com> <zulinx86@gmail.com>
Jack Thomson <jackabt@amazon.co.uk> <jackabt@amazon.com>
Ashwin Ginoria <aginoria@amazon.com> <ec2-user@ip-10-0-10-88.us-west-2.compute.internal>
Muskaan Singla <msinglaa@amazon.com> <ec2-user@ip-172-31-1-28.us-west-2.compute.internal>
Egor Lazarchuk <yegorlz@amazon.co.uk>
Nikita Zakirov <zakironi@amazon.com> <ec2-user@ip-10-0-15-219.us-west-2.compute.internal>
Tomoya Iwata <iwata.tomoya@classmethod.jp>
Andrea Manzini <andrea.manzini@suse.com> <ilmanzo@gmail.com>
Colin Percival <cperciva@freebsd.org> <cperciva@tarsnap.com>
================================================
FILE: .mdformat.toml
================================================
wrap = 80
# Defaults from https://mdformat.readthedocs.io/en/stable/users/configuration_file.html
number = false
end_of_line = "lf"
================================================
FILE: .python-version
================================================
3.10.14
================================================
FILE: CHANGELOG.md
================================================
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to
[Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
### Added
- [#5323](https://github.com/firecracker-microvm/firecracker/pull/5323): Add
support for Vsock Unix domain socket path overriding on snapshot restore. More
information can be found in the
[docs](docs/vsock.md/#unix-domain-socket-renaming).
### Changed
### Deprecated
### Removed
### Fixed
- [#5762](https://github.com/firecracker-microvm/firecracker/pull/5762): Cap
virtio-rng per-request entropy to 64 KiB. Previously, a guest could construct
a descriptor chain that caused Firecracker to allocate more host memory than
the guest actually provided, potentially leading to excessive host memory
consumption.
## [1.15.0]
### Added
- [#5510](https://github.com/firecracker-microvm/firecracker/pull/5510),
[#5593](https://github.com/firecracker-microvm/firecracker/pull/5593),
[#5564](https://github.com/firecracker-microvm/firecracker/pull/5564): Add
support for the
[VMClock device](https://uapi-group.org/specifications/specs/vmclock). The
implementation supports the snapshot safety features proposed
[here](https://lore.kernel.org/lkml/20260107132514.437-1-bchalios@amazon.es/),
but doesn't provide currently any clock-specific information for helping the
guest synchronize its clocks. More information can be found in
[docs](docs/snapshotting/snapshot-support.md#userspace-notifications-of-loading-virtual-machine-snapshots).
- [#5574](https://github.com/firecracker-microvm/firecracker/pull/5574),
[#5671](https://github.com/firecracker-microvm/firecracker/pull/5671),
[#5674](https://github.com/firecracker-microvm/firecracker/pull/5674)
[#5690](https://github.com/firecracker-microvm/firecracker/pull/5690) Added
Intel Granite Rapids as a supported and tested platform for Firecracker on 6.1
host kernel versions.
### Changed
- [#5564](https://github.com/firecracker-microvm/firecracker/pull/5564): which
added support for VMClock, uses one extra GSI for the VMClock device itself
which reduces the available GSIs for VirtIO devices. New maximum values is 92
devices on Aarch64 and 17 devices on x86.
- [#5631](https://github.com/firecracker-microvm/firecracker/pull/5631): Update
binary copy process inside Jailer to disallow symlinks and hardlinks at the
destination path and change ownership of the copied binary to the specified
uid/gid.
### Deprecated
### Removed
### Fixed
- [#5688](https://github.com/firecracker-microvm/firecracker/pull/5688): Fixed
vsock local port reuse across snapshot restore by saving the last used local
port into the snapshot, so users need to regenerate snapshots.
- [#5698](https://github.com/firecracker-microvm/firecracker/pull/5698): Fixed
the possible ENXIO error which could occur during file open operation if the
underlying file is FIFO without active readers already attached.
- [#5705](https://github.com/firecracker-microvm/firecracker/pull/5705): Fixed a
bug that caused Firecracker to corrupt the memory files of differential
snapshots for VMs with multiple memory slots. This affected VMs using memory
hot-plugging or any x86 VMs with a memory size larger than 3GiB.
- [#5739](https://github.com/firecracker-microvm/firecracker/pull/5739): Fixed
validation of TCP SYN options length when MMDS is enabled.
## [1.14.0]
### Added
- [#5350](https://github.com/firecracker-microvm/firecracker/pull/5350): Added a
`/serial` endpoint, which allows setting `serial_out_path` to the path of a
pre-created file into which Firecracker should redirect output from the
guest's serial console. Not configuring it means Firecracker will continue to
print serial output to stdout. Similarly to the logger, this configuration is
not persisted across snapshots.
- [#5463](https://github.com/firecracker-microvm/firecracker/pull/5463): Added
support for `virtio-pmem` devices. See [documentation](docs/pmem.md) for more
information.
- [#5534](https://github.com/firecracker-microvm/firecracker/pull/5534): Added
support for memory hot-plugging through the `virtio-mem` device. See
[documentation](docs/memory-hotplug.md) for more information.
- [#5491](https://github.com/firecracker-microvm/firecracker/pull/5491): Added
support for `virtio-balloon` free page reporting and hinting. Free page
reporting is a developer preview not for production feature. See
[documentation](docs/ballooning.md) for more information.
### Changed
- [#4028](https://github.com/firecracker-microvm/firecracker/pull/4028):
Firecracker now creates the log and metrics files if they do not exist,
simplifying the launch of Firecracker by removing a manual step.
- [#5516](https://github.com/firecracker-microvm/firecracker/pull/5516): Balloon
stats now supports guest kernel >= 6.12, adding metrics on guest OOM kills,
memory allocation stalls, and memory scan/reclaim info.
- [#5526](https://github.com/firecracker-microvm/firecracker/pull/5526): Specify
IA32_MTRRdefType MSR on VM boot to allow it to set page attributes for memory
regions.
### Deprecated
### Removed
- [#5439](https://github.com/firecracker-microvm/firecracker/pull/5439): Removed
the `rx_partial_writes`, `tx_partial_reads`, `sync_response_fails`,
`sync_vmm_send_timeout_count`, `deprecated_cmd_line_api_calls`, `log_fails`
and `device_events` metrics, as they were never incremented.
### Fixed
- [#5418](https://github.com/firecracker-microvm/firecracker/pull/5418): Fixed
typo in Swagger definition of `MmdsConfig`, where the property `imds_compat`
was spelled as `imds_comat`. This caused auto-generated clients to create bad
requests.
- [#5447](https://github.com/firecracker-microvm/firecracker/pull/5447): Fixed
Intel AMX enabling for kernels that support dynamic XSTATE features for
userspace applications but not for KVM guests (e.g. kernel versions >= 5.16
and < 5.17).
- [#5485](https://github.com/firecracker-microvm/firecracker/pull/5485): Fixed a
bug causing a read/write from an iovec to be duplicated when receiving an
error on an iovec other than the first. This caused a data corruption issue in
the vsock device starting from guest kernel 6.17.
- [#5494](https://github.com/firecracker-microvm/firecracker/pull/5494): Fixed a
watchdog soft lockup bug on microVMs restored from snapshots by calling
KVM_KVMCLOCK_CTRL ioctl before resuming.
- [#5538](https://github.com/firecracker-microvm/firecracker/pull/5538): Fixed a
cache coherency issue on non-FWB aarch64 platforms by adding `dma-coherent`
property to virtio-mmio nodes in the FDT.
## [1.13.0]
### Added
- [#5139](https://github.com/firecracker-microvm/firecracker/pull/5139): Added
support for [PVTime](https://docs.kernel.org/virt/kvm/arm/pvtime.html). This
is used to support steal time on ARM machines.
- [#5175](https://github.com/firecracker-microvm/firecracker/pull/5175): Allow
including a custom cpu template directly in the json configuration file passed
to `--config-file` under the `cpu_config` key.
- [#5274](https://github.com/firecracker-microvm/firecracker/pull/5274): Allow
taking diff snapshots even if dirty page tracking is disabled, by using
`mincore(2)` to overapproximate the set of dirty pages. Only works if swap is
disabled.
- [#5290](https://github.com/firecracker-microvm/firecracker/pull/5290):
Extended MMDS to support the EC2 IMDS-compatible session token headers (i.e.
"X-aws-ec2-metadata-token" and "X-aws-ec2-metadata-token-ttl-seconds")
alongside the MMDS-specific ones.
- [#5290](https://github.com/firecracker-microvm/firecracker/pull/5290): Added
`mmds.rx_invalid_token` and `mmds.rx_no_token` metrics to track the number of
GET requests that were rejected due to token validation failures in MMDS
version 2. These metrics also count requests that would be rejected in MMDS
version 2 when MMDS version 1 is configured. They helps users assess readiness
for migrating to MMDS version 2.
- [#5310](https://github.com/firecracker-microvm/firecracker/pull/5310): Added
an optional `imds_compat` field (default to false if not provided) to PUT
requests to `/mmds/config` to enforce MMDS to always respond plain text
contents in the IMDS format regardless of the `Accept` header in requests.
Users need to regenerate snapshots.
- [#5364](https://github.com/firecracker-microvm/firecracker/pull/5364): Added
PCI support in Firecracker. PCI support is optional. Users can enable it
passing the `--enable-pci` flag when launching the Firecracker process. When
Firecracker process is launched with PCI support, it will create all VirtIO
devices using a PCI VirtIO transport. If not enabled, Firecracker will use the
MMIO transport instead.
### Changed
- [#5165](https://github.com/firecracker-microvm/firecracker/pull/5165): Changed
Firecracker snapshot feature from developer preview to generally available.
Incremental snapshots remain in developer preview.
- [#5282](https://github.com/firecracker-microvm/firecracker/pull/5282): Updated
jailer to no longer require the executable file name to contain `firecracker`.
- [#5290](https://github.com/firecracker-microvm/firecracker/pull/5290): Changed
MMDS to validate the value of "X-metadata-token-ttl-seconds" header only if it
is a PUT request to /latest/api/token, as in EC2 IMDS.
- [#5290](https://github.com/firecracker-microvm/firecracker/pull/5290): Changed
MMDS version 1 to support the session oriented method as in version 2,
allowing easier migration to version 2. Note that MMDS version 1 accepts a GET
request even with no token or an invalid token so that existing workloads
continue to work.
### Deprecated
- [#5274](https://github.com/firecracker-microvm/firecracker/pull/5274):
Deprecated the `enable_diff_snapshots` parameter of the `/snapshot/load` API.
Use `track_dirty_pages` instead.
### Removed
- [#5411](https://github.com/firecracker-microvm/firecracker/pull/5411): Removed
official support for Intel Skylake instances. Firecracker will continue to
work on those instances, but we will no longer perform automated testing on
them.
### Fixed
- [#5222](https://github.com/firecracker-microvm/firecracker/pull/5222): Fixed
network and rng devices locking up on hosts with non 4K pages.
- [#5226](https://github.com/firecracker-microvm/firecracker/pull/5226): Fixed
MMDS to set `Content-Type` header correctly (i.e. `Content-Type: text/plain`
for IMDS-formatted or error responses and `Content-Type: application/json` for
JSON-formatted responses).
- [#5260](https://github.com/firecracker-microvm/firecracker/pull/5260): Fixed a
bug allowing the block device to starve all other devices when backed by a
sufficiently slow drive.
- [#4207](https://github.com/firecracker-microvm/firecracker/issues/4207): Fixed
GSI numbering on aarch64 to correctly allow up to 96 devices being attached
simultaneously.
- [#5290](https://github.com/firecracker-microvm/firecracker/pull/5290): Fixed
MMDS to reject PUT requests containing `X-Forwarded-For` header regardless of
its casing (e.g. `x-forwarded-for`).
- [#5328](https://github.com/firecracker-microvm/firecracker/pull/5328): Fixed
MMDS to set the token TTL header (i.e. "X-metadata-token-ttl-seconds" or
"X-aws-ec2-metadata-token-ttl-seconds") in the response to "PUT
/latest/api/token", as EC2 IMDS does.
## [1.12.0]
### Added
- [#5048](https://github.com/firecracker-microvm/firecracker/pull/5048): Added
support for [PVH boot mode](docs/pvh.md). This is used when an x86 kernel
provides the appropriate ELF Note to indicate that PVH boot mode is supported.
Linux kernels newer than 5.0 compiled with `CONFIG_PVH=y` set this ELF Note,
as do FreeBSD kernels.
- [#5065](https://github.com/firecracker-microvm/firecracker/pull/5065) Added
support for Intel AMX (Advanced Matrix Extensions). To be able to take and
restore a snapshot of Intel AMX state, `Xsave` is used instead of `kvm_xsave`,
so users need to regenerate snapshots.
- [#4731](https://github.com/firecracker-microvm/firecracker/pull/4731): Added
support for modifying the host TAP device name during snapshot restore.
- [#5146](https://github.com/firecracker-microvm/firecracker/pull/5146): Added
Intel Sapphire Rapids as a supported and tested platform for Firecracker.
- [#5148](https://github.com/firecracker-microvm/firecracker/pull/5148): Added
ARM Graviton4 as a supported and tested platform for Firecracker.
### Changed
- [#5118](https://github.com/firecracker-microvm/firecracker/pull/5118): Cleared
WAITPKG CPUID bit in CPUID normalization. The feature enables a guest to put a
physical processor into an idle state, which is undesirable in a FaaS
environment since that is what the host wants to decide.
- [#5142](https://github.com/firecracker-microvm/firecracker/pull/5142):
Clarified what CPU models are supported by each existing CPU template.
Firecracker exits with an error if a CPU template is used on an unsupported
CPU model.
### Deprecated
- [#4948](https://github.com/firecracker-microvm/firecracker/pull/4948):
Deprecated the `page_size_kib` field in the
[UFFD handshake](docs/snapshotting/handling-page-faults-on-snapshot-resume.md#registering-memory-to-be-handled-via-userfault-file-descriptors),
and replaced it with a `page_size` field. The `page_size_kib` field is
misnamed, as the value Firecracker sets it to is actually the page size in
_bytes_, not KiB. It will be removed in Firecracker 2.0.
### Fixed
- [#5074](https://github.com/firecracker-microvm/firecracker/pull/5074) Fix the
`SendCtrlAltDel` command not working for ACPI-enabled guest kernels, by
dropping the i8042.nopnp argument from the default kernel command line
Firecracker constructs.
- [#5122](https://github.com/firecracker-microvm/firecracker/pull/5122): Keep
the UFFD Unix domain socket open to prevent the race condition between the
guest memory mappings message and the shutdown event that was sometimes
causing arrival of an empty message on the UFFD handler side.
- [#5143](https://github.com/firecracker-microvm/firecracker/pull/5143): Fixed
to report `process_startup_time_us` and `process_startup_time_cpu_us` metrics
for `api_server` right after the API server starts, while previously reported
before applying seccomp filter and starting the API server. Users may observe
a bit longer startup time metrics.
## [1.11.0]
### Added
- [#4987](https://github.com/firecracker-microvm/firecracker/pull/4987): Reset
physical counter register (`CNTPCT_EL0`) on VM startup. This avoids VM reading
the host physical counter value. This is only possible on 6.4 and newer
kernels. For older kernels physical counter will still be passed to the guest
unmodified. See more info
[here](https://github.com/firecracker-microvm/firecracker/blob/main/docs/prod-host-setup.md#arm-only-vm-physical-counter-behaviour)
- [#5088](https://github.com/firecracker-microvm/firecracker/pull/5088): Added
AMD Genoa as a supported and tested platform for Firecracker.
### Changed
- [#4913](https://github.com/firecracker-microvm/firecracker/pull/4913): Removed
unnecessary fields (`max_connections` and `max_pending_resets`) from the
snapshot format, bumping the snapshot version to 5.0.0. Users need to
regenerate snapshots.
- [#4926](https://github.com/firecracker-microvm/firecracker/pull/4926): Replace
underlying implementation for seccompiler from in house one in favor of
`libseccomp` which produces smaller and more optimized BPF code.
### Deprecated
### Removed
### Fixed
- [#4921](https://github.com/firecracker-microvm/firecracker/pull/4921): Fixed
swagger `CpuConfig` definition to include missing aarch64-specific fields.
- [#4916](https://github.com/firecracker-microvm/firecracker/pull/4916): Fixed
`IovDeque` implementation to work with any host page size. This fixes
virtio-net device on non 4K host kernels.
- [#4991](https://github.com/firecracker-microvm/firecracker/pull/4991): Fixed
`mem_size_mib` and `track_dirty_pages` being mandatory for all
`PATCH /machine-config` requests. Now, they can be omitted which leaves these
parts of the machine configuration unchanged.
- [#5007](https://github.com/firecracker-microvm/firecracker/pull/5007): Fixed
watchdog softlockup warning on x86_64 guests when a vCPU is paused during GDB
debugging.
- [#5021](https://github.com/firecracker-microvm/firecracker/pull/5021) If a
balloon device is inflated post UFFD-backed snapshot restore, Firecracker now
causes `remove` UFFD messages to be sent to the UFFD handler. Previously, no
such message would be sent.
- [#5034](https://github.com/firecracker-microvm/firecracker/pull/5034): Fix an
integer underflow in the jailer when computing the value it passes to
Firecracker's `--parent-cpu-time-us` values, which caused development builds
of Firecracker to crash (but production builds were unaffected as underflows
do not panic in release mode).
- [#5045](https://github.com/firecracker-microvm/firecracker/pull/5045): Fixed
an issue where firecracker intermittently receives SIGHUP when using jailer
with `--new-pid-ns` but without `--daemonize`.
- [#4995](https://github.com/firecracker-microvm/firecracker/pull/4995):
Firecracker no longer overwrites CPUID leaf 0x80000000 when running AMD
hardware, meaning the guest can now discover a greater range of CPUID leaves
in the extended function range (this range is host kernel dependent).
- [#5046](https://github.com/firecracker-microvm/firecracker/pull/5046): Retry
KVM_CREATE_VM on EINTR that occasionally happen on heavily loaded hosts to
improve reliability of microVM creation.
- [#5052](https://github.com/firecracker-microvm/firecracker/pull/5052): Build
the empty seccomp policy as default for debug builds to avoid crashes on
syscalls introduced by debug assertions from Rust 1.80.0.
## [1.10.0]
### Added
- [#4834](https://github.com/firecracker-microvm/firecracker/pull/4834): Add
`VIRTIO_NET_F_RX_MRGBUF` support to the `virtio-net` device. When this feature
is negotiated, guest `virtio-net` driver can perform more efficient memory
management which in turn improves RX and TX performance.
- [#4460](https://github.com/firecracker-microvm/firecracker/pull/4460): Add a
call to
[`KVM_KVMCLOCK_CTRL`](https://docs.kernel.org/virt/kvm/api.html#kvm-kvmclock-ctrl)
after pausing vCPUs on x86_64 architectures. This ioctl sets a flag in the KVM
state of the vCPU indicating that it has been paused by the host userspace. In
guests that use kvmclock, the soft lockup watchdog checks this flag. If it is
set, it won't trigger the lockup condition. Calling the ioctl for guests that
don't use kvmclock will fail. These failures are not fatal. We log the failure
and increase the `vcpu.kvmclock_ctrl_fails` metric.
- [#4869](https://github.com/firecracker-microvm/firecracker/pull/4869): Added
support for Aarch64 systems which feature CPU caches with a number of sets
higher than `u16::MAX`.
- [#4797](https://github.com/firecracker-microvm/firecracker/pull/4797),
[#4854](https://github.com/firecracker-microvm/firecracker/pull/4854): Added
GDB debugging support for a microVM guest kernel. Please see our
[GDB debugging documentation](docs/gdb-debugging.md) for more information.
### Changed
- [#4844](https://github.com/firecracker-microvm/firecracker/pull/4844): Upgrade
`virtio-net` device to use `readv` syscall to avoid unnecessary memory copies
on RX path, increasing the RX performance.
### Deprecated
### Removed
- [#4804](https://github.com/firecracker-microvm/firecracker/pull/4804): Drop
Support for guest kernel 4.14. Linux 4.14 reached end-of-life in
[January 2024](https://lore.kernel.org/lkml/2024011046-ecology-tiptoeing-ce50@gregkh/)
The minimum supported guest kernel now is 5.10.
### Fixed
- [#4796](https://github.com/firecracker-microvm/firecracker/pull/4796): Fixed
Vsock not notifying guest about `TRANSPORT_RESET_EVENT` event after snapshot
restore. This resulted in guest waiting indefinitely on a connection which was
reset during snapshot creation.
- [#4790](https://github.com/firecracker-microvm/firecracker/pull/4790): v1.9.0
was missing most of the debugging information in the debuginfo file, due to a
change in the Cargo defaults. This has been corrected.
- [#4826](https://github.com/firecracker-microvm/firecracker/pull/4826): Add
missing configuration of tap offload features when restoring from a snapshot.
Setting the features was previously
[moved](https://github.com/firecracker-microvm/firecracker/pull/4680/commits/49ed5ea4b48ccd98903da037368fa3108f58ac1f)
from net device creation to device activation time, but it was not reflected
in the restore path. This was leading to inability to connect to the restored
VM if the offload features were used.
## [1.9.0]
### Added
- [#4687](https://github.com/firecracker-microvm/firecracker/pull/4687): Added
VMGenID support for microVMs running on ARM hosts with 6.1 guest kernels.
Support for VMGenID via DeviceTree bindings exists only on mainline 6.10 Linux
onwards. Users of Firecracker will need to backport the relevant patches on
top of their 6.1 kernels to make use of the feature. As a result, Firecracker
snapshot version is now 3.0.0
- [#4732](https://github.com/firecracker-microvm/firecracker/pull/4732),
[#4733](https://github.com/firecracker-microvm/firecracker/pull/4733),
[#4741](https://github.com/firecracker-microvm/firecracker/pull/4741),
[#4746](https://github.com/firecracker-microvm/firecracker/pull/4746): Added
official support for 6.1 microVM guest kernels.
- [#4743](https://github.com/firecracker-microvm/firecracker/pull/4743): Added
support for `-h` help flag to the Jailer. The Jailer will now print the help
message with either `--help` or `-h`.
### Changed
### Deprecated
- Support for guest kernel 4.14 is now deprecated. We will completely remove
4.14 support with Firecracker version v1.10
### Removed
- [#4689](https://github.com/firecracker-microvm/firecracker/pull/4689): Drop
support for host kernel 4.14. Linux 4.14 reached end-of-life in
[January 2024](https://lore.kernel.org/lkml/2024011046-ecology-tiptoeing-ce50@gregkh/).
The minimum supported kernel now is 5.10. Guest kernel 4.14 is still
supported.
### Fixed
- [4680](https://github.com/firecracker-microvm/firecracker/pull/4680): Fixed an
issue
([#4659](https://github.com/firecracker-microvm/firecracker/issues/4659))
where the virtio-net device implementation would always assume the guest
accepts all VirtIO features the device offers. This is always true with the
Linux guest kernels we are testing but other kernels, like FreeBSD make
different assumptions. This PR fixes the emulation code to set the TAP
features based on the features accepted by the guest.
## [1.8.0]
### Added
- [#4428](https://github.com/firecracker-microvm/firecracker/pull/4428): Added
ACPI support to Firecracker for x86_64 microVMs. Currently, we pass ACPI
tables with information about the available vCPUs, interrupt controllers,
VirtIO and legacy x86 devices to the guest. This allows booting kernels
without MPTable support. Please see our
[kernel policy documentation](docs/kernel-policy.md) for more information
regarding relevant kernel configurations.
- [#4487](https://github.com/firecracker-microvm/firecracker/pull/4487): Added
support for the Virtual Machine Generation Identifier (VMGenID) device on
x86_64 platforms. VMGenID is a virtual device that allows VMMs to notify
guests when they are resumed from a snapshot. Linux includes VMGenID support
since version 5.18. It uses notifications from the device to reseed its
internal CSPRNG. Please refer to
[snapshot support](docs/snapshotting/snapshot-support.md) and
[random for clones](docs/snapshotting/random-for-clones.md) documention for
more info on VMGenID. VMGenID state is part of the snapshot format of
Firecracker. As a result, Firecracker snapshot version is now 2.0.0.
### Changed
- [#4492](https://github.com/firecracker-microvm/firecracker/pull/4492): Changed
`--config` parameter of `cpu-template-helper` optional. Users no longer need
to prepare kernel, rootfs and Firecracker configuration files to use
`cpu-template-helper`.
- [#4537](https://github.com/firecracker-microvm/firecracker/pull/4537) Changed
T2CL template to pass through bit 27 and 28 of `MSR_IA32_ARCH_CAPABILITIES`
(`RFDS_NO` and `RFDS_CLEAR`) since KVM consider they are able to be passed
through and T2CL isn't designed for secure snapshot migration between
different processors.
- [#4537](https://github.com/firecracker-microvm/firecracker/pull/4537) Changed
T2S template to set bit 27 of `MSR_IA32_ARCH_CAPABILITIES` (`RFDS_NO`) to 1
since it assumes that the fleet only consists of processors that are not
affected by RFDS.
- [#4388](https://github.com/firecracker-microvm/firecracker/pull/4388): Avoid
setting `kvm_immediate_exit` to 1 if are already handling an exit, or if the
vCPU is stopped. This avoids a spurious KVM exit upon restoring snapshots.
- [#4567](https://github.com/firecracker-microvm/firecracker/pull/4567): Do not
initialize vCPUs in powered-off state upon snapshot restore. No functional
change, as vCPU initialization is only relevant for the booted case (where the
guest expects CPUs to be powered off).
### Deprecated
- Firecracker's `--start-time-cpu-us` and `--start-time-us` parameters are
deprecated and will be removed in v2.0 or later. They are used by the jailer
to pass the value that should be subtracted from the (CPU) time, when emitting
the `start_time_us` and `start_time_cpu_us` metrics. These parameters were
never meant to be used by end customers, and we recommend doing any such time
adjustments outside Firecracker.
- Booting with microVM kernels that rely on MPTable on x86_64 is deprecated and
support will be removed in v2.0 or later. We suggest to users of Firecracker
to use guest kernels with ACPI support. For x86_64 microVMs, ACPI will be the
only way Firecracker passes hardware information to the guest once MPTable
support is removed.
### Fixed
- [#4526](https://github.com/firecracker-microvm/firecracker/pull/4526): Added a
check in the network TX path that the size of the network frames the guest
passes to us is not bigger than the maximum frame the device expects to
handle. On the TX path, we copy frames destined to MMDS from guest memory to
Firecracker memory. Without the check, a mis-behaving virtio-net driver could
cause an increase in the memory footprint of the Firecracker process. Now, if
we receive such a frame, we ignore it and increase `Net::tx_malformed_frames`
metric.
- [#4536](https://github.com/firecracker-microvm/firecracker/pull/4536): Make
the first differential snapshot taken after a full snapshot contain only the
set of memory pages changed since the full snapshot. Previously, these
differential snapshots would contain all memory pages. This will result in
potentially much smaller differential snapshots after a full snapshot.
- [#4578](https://github.com/firecracker-microvm/firecracker/pull/4578): Fix
UFFD support not being forward-compatible with new ioctl options introduced in
Linux 6.6. See also
<https://github.com/bytecodealliance/userfaultfd-rs/issues/61>.
- [#4618](https://github.com/firecracker-microvm/firecracker/pull/4618): On
x86_64, when taking a snapshot, if a vCPU has MSR_IA32_TSC_DEADLINE set to 0,
Firecracker will replace it with the MSR_IA32_TSC value from the same vCPU.
This is to guarantee that the vCPU will continue receiving TSC interrupts
after restoring from the snapshot even if an interrupt is lost when taking a
snapshot.
- [#4666](https://github.com/firecracker-microvm/firecracker/pull/4666): Fixed
Firecracker sometimes restoring `MSR_IA32_TSC_DEADLINE` before `MSR_IA32_TSC`.
Now it always restores `MSR_IA32_TSC_DEADLINE` MSR after `MSR_IA32_TSC`, as
KVM relies on the guest TSC for correct restoration of
`MSR_IA32_TSC_DEADLINE`. This fixed guests using the `TSC_DEADLINE` hardware
feature receiving incorrect timer interrupts after snapshot restoration, which
could lead to them seemingly getting stuck in sleep-related syscalls (see also
<https://github.com/firecracker-microvm/firecracker/pull/4099>).
## [1.7.0]
### Added
- [#4346](https://github.com/firecracker-microvm/firecracker/pull/4346): Added
support to emit aggregate (minimum/maximum/sum) latency for
`VcpuExit::MmioRead`, `VcpuExit::MmioWrite`, `VcpuExit::IoIn` and
`VcpuExit::IoOut`. The average for these VM exits is not emitted since it can
be deduced from the available emitted metrics.
- [#4360](https://github.com/firecracker-microvm/firecracker/pull/4360): Added
dev-preview support for backing a VM's guest memory by 2M hugetlbfs pages.
Please see the [documentation](docs/hugepages.md) for more information
- [#4486](https://github.com/firecracker-microvm/firecracker/pull/4486): Added
block and net device metrics for file/tap access latencies and queue backlog
lengths, which can be used to analyse saturation of the Firecracker VMM thread
and underlying layers. Queue backlog length metrics are flushed periodically.
They can be used to esimtate an average queue length by request by dividing
its value by the number of requests served.
### Changed
- [#4230](https://github.com/firecracker-microvm/firecracker/pull/4230): Changed
microVM snapshot format version strategy. Firecracker snapshot format now has
a version that is independent of Firecracker version. The current version of
the snapshot format is v1.0.0. From now on, the Firecracker binary will define
the snapshot format version it supports and it will only be able to load
snapshots with format that is backwards compatible with that version. Users
can pass the `--snapshot-version` flag to the Firecracker binary to see its
supported snapshot version format. This change renders all previous
Firecracker snapshots (up to Firecracker version v1.6.0) incompatible with the
current Firecracker version.
- [#4449](https://github.com/firecracker-microvm/firecracker/pull/4449): Added
information about page size to the payload Firecracker sends to the UFFD
handler. Each memory region object now contains a `page_size_kib` field. See
also the [hugepages documentation](docs/hugepages.md).
- [#4498](https://github.com/firecracker-microvm/firecracker/pull/4498): Only
use memfd to back guest memory if a vhost-user-blk device is configured,
otherwise use anonymous private memory. This is because serving page faults of
shared memory used by memfd is slower and may impact workloads.
### Fixed
- [#4409](https://github.com/firecracker-microvm/firecracker/pull/4409): Fixed a
bug in the cpu-template-helper that made it panic during conversion of cpu
configuration with SVE registers to the cpu template on aarch64 platform. Now
cpu-template-helper will print warnings if it encounters SVE registers during
the conversion process. This is because cpu templates are limited to only
modify registers less than 128 bits.
- [#4413](https://github.com/firecracker-microvm/firecracker/pull/4413): Fixed a
bug in the Firecracker that prevented it to restore snapshots of VMs that had
SVE enabled.
- [#4414](https://github.com/firecracker-microvm/firecracker/pull/4360): Made
`PATCH` requests to the `/machine-config` endpoint transactional, meaning
Firecracker's configuration will be unchanged if the request returns an error.
This fixes a bug where a microVM with incompatible balloon and guest memory
size could be booted, due to the check for this condition happening after
Firecracker's configuration was updated.
- [#4259](https://github.com/firecracker-microvm/firecracker/pull/4259): Added a
double fork mechanism in the Jailer to avoid setsid() failures occurred while
running Jailer as the process group leader. However, this changed the
behaviour of Jailer and now the Firecracker process will always have a
different PID than the Jailer process.
[#4436](https://github.com/firecracker-microvm/firecracker/pull/4436): Added a
"Known Limitations" section in the Jailer docs to highlight the above change
in behaviour introduced in PR#4259.
[#4442](https://github.com/firecracker-microvm/firecracker/pull/4442): As a
solution to the change in behaviour introduced in PR#4259, provided a
mechanism to reliably fetch Firecracker PID. With this change, Firecracker
process's PID will always be available in the Jailer's root directory
regardless of whether new_pid_ns was set.
- [#4468](https://github.com/firecracker-microvm/firecracker/pull/4468): Fixed a
bug where a client would hang or timeout when querying for an MMDS path whose
content is empty, because the 'Content-Length' header field was missing in a
response.
## [1.6.0]
### Added
- [#4145](https://github.com/firecracker-microvm/firecracker/pull/4145): Added
support for per net device metrics. In addition to aggregate metrics `net`,
each individual net device will emit metrics under the label
`"net_{iface_id}"`. E.g. the associated metrics for the endpoint
`"/network-interfaces/eth0"` will be available under `"net_eth0"` in the
metrics json object.
- [#4202](https://github.com/firecracker-microvm/firecracker/pull/4202): Added
support for per block device metrics. In addition to aggregate metrics
`block`, each individual block device will emit metrics under the label
`"block_{drive_id}"`. E.g. the associated metrics for the endpoint
`"/drives/{drive_id}"` will be available under `"block_drive_id"` in the
metrics json object.
- [#4205](https://github.com/firecracker-microvm/firecracker/pull/4205): Added a
new `vm-state` subcommand to `info-vmstate` command in the `snapshot-editor`
tool to print MicrovmState of vmstate snapshot file in a readable format. Also
made the `vcpu-states` subcommand available on x86_64.
- [#4063](https://github.com/firecracker-microvm/firecracker/pull/4063): Added
source-level instrumentation based tracing. See [tracing](./docs/tracing.md)
for more details.
- [#4138](https://github.com/firecracker-microvm/firecracker/pull/4138),
[#4170](https://github.com/firecracker-microvm/firecracker/pull/4170),
[#4223](https://github.com/firecracker-microvm/firecracker/pull/4223),
[#4247](https://github.com/firecracker-microvm/firecracker/pull/4247),
[#4226](https://github.com/firecracker-microvm/firecracker/pull/4226): Added
**developer preview only** (NOT for production use) support for vhost-user
block devices. Firecracker implements a vhost-user frontend. Users are free to
choose from existing open source backend solutions or their own
implementation. Known limitation: snapshotting is not currently supported for
microVMs containing vhost-user block devices. See the
[related doc page](./docs/api_requests/block-vhost-user.md) for details. The
device emits metrics under the label `"vhost_user_{device}_{drive_id}"`.
### Changed
- [#4309](https://github.com/firecracker-microvm/firecracker/pull/4309): The
jailer's option `--parent-cgroup` will move the process to that cgroup if no
`cgroup` options are provided.
- Simplified and clarified the removal policy of deprecated API elements to
follow semantic versioning 2.0.0. For more information, please refer to
[this GitHub discussion](https://github.com/firecracker-microvm/firecracker/discussions/4135).
- [#4180](https://github.com/firecracker-microvm/firecracker/pull/4180):
Refactored error propagation to avoid logging and printing an error on exits
with a zero exit code. Now, on successful exit "Firecracker exited
successfully" is logged.
- [#4194](https://github.com/firecracker-microvm/firecracker/pull/4194): Removed
support for creating Firecracker snapshots targeting older versions of
Firecracker. With this change, running 'firecracker --version' will not print
the supported snapshot versions.
- [#4301](https://github.com/firecracker-microvm/firecracker/pull/4301): Allow
merging of diff snapshots into base snapshots by directly writing the diff
snapshot on top of the base snapshot's memory file. This can be done by
setting the `mem_file_path` to the path of the pre-existing full snapshot.
### Deprecated
- [#4209](https://github.com/firecracker-microvm/firecracker/pull/4209):
`rebase-snap` tool is now deprecated. Users should use `snapshot-editor` for
rebasing diff snapshots.
### Fixed
- [#4171](https://github.com/firecracker-microvm/firecracker/pull/4171): Fixed a
bug that ignored the `--show-log-origin` option, preventing it from printing
the source code file of the log messages.
- [#4178](https://github.com/firecracker-microvm/firecracker/pull/4178): Fixed a
bug reporting a non-zero exit code on successful shutdown when starting
Firecracker with `--no-api`.
- [#4261](https://github.com/firecracker-microvm/firecracker/pull/4261): Fixed a
bug where Firecracker would log "RunWithApiError error: MicroVMStopped without
an error: GenericError" when exiting after encountering an emulation error. It
now correctly prints "RunWithApiError error: MicroVMStopped _with_ an error:
GenericError".
- [#4242](https://github.com/firecracker-microvm/firecracker/pull/4242): Fixed a
bug introduced in #4047 that limited the `--level` option of logger to
Pascal-cased values (e.g. accepting "Info", but not "info"). It now ignores
case again.
- [#4286](https://github.com/firecracker-microvm/firecracker/pull/4286): Fixed a
bug in the asynchronous virtio-block engine that rendered the device
non-functional after a PATCH request was issued to Firecracker for updating
the path to the host-side backing file of the device.
- [#4301](https://github.com/firecracker-microvm/firecracker/pull/4301): Fixed a
bug where if Firecracker was instructed to take a snapshot of a microvm which
itself was restored from a snapshot, specifying `mem_file_path` to be the path
of the memory file from which the microvm was restored would result in both
the microvm and the snapshot being corrupted. It now instead performs a
"write-back" of all memory that was updated since the snapshot was originally
loaded.
## [1.5.0]
### Added
- [#3837](https://github.com/firecracker-microvm/firecracker/issues/3837): Added
official support for Linux 6.1. See
[prod-host-setup](./docs/prod-host-setup.md) for some security and performance
considerations.
- [#4045](https://github.com/firecracker-microvm/firecracker/pull/4045) and
[#4075](https://github.com/firecracker-microvm/firecracker/pull/4075): Added
`snapshot-editor` tool for modifications of snapshot files. It allows for
rebasing of memory snapshot files, printing and removing aarch64 registers
from the vmstate and obtaining snapshot version.
- [#3967](https://github.com/firecracker-microvm/firecracker/pull/3967/): Added
new fields to the custom CPU templates. (aarch64 only) `vcpu_features` field
allows modifications of vCPU features enabled during vCPU initialization.
`kvm_capabilities` field allows modifications of KVM capability checks that
Firecracker performs during boot. If any of these fields are in use, minimal
target snapshot version is restricted to 1.5.
### Changed
- Updated deserialization of `bitmap` for custom CPU templates to allow usage of
'\_' as a separator.
- Changed the strip feature of `cpu-template-helper` tool to operate bitwise.
- Better logs during validation of CPU ID in snapshot restoration path. Also
Firecracker now does not fail if it can't get CPU ID from the host or can't
find CPU ID in the snapshot.
- Changed the serial device to only try to initialize itself if stdin is a
terminal or a FIFO pipe. This fixes logged warnings about the serial device
failing to initialize if the process is daemonized (in which case stdin is
/dev/null instead of a terminal).
- Changed to show a warning message when launching a microVM with C3 template on
a processor prior to Intel Cascade Lake, because the guest kernel does not
apply the mitigation against MMIO stale data vulnerability when it is running
on a processor that does not enumerate FBSDP_NO, PSDP_NO and SBDR_SSDP_NO on
IA32_ARCH_CAPABILITIES MSR.
- Made Firecracker resize its file descriptor table on process start. It now
preallocates the in-kernel fdtable to hold `RLIMIT_NOFILE` many fds (or 2048
if no limit is set). This avoids the kernel reallocating the fdtable during
Firecracker operations, resulting in a 30ms to 70ms reduction of snapshot
restore times for medium to large microVMs with many devices attached.
- Changed the dump feature of `cpu-template-helper` tool not to enumerate
program counter (PC) on ARM because it is determined by the given kernel image
and it is useless in the custom CPU template context.
- The ability to create snapshots for an older version of Firecracker is now
deprecated. As a result, the `version` body field in `PUT` on
`/snapshot/create` request in deprecated.
- Added support for the /dev/userfaultfd device available on linux kernels >=
6.1. This is the default for creating UFFD handlers on these kernel versions.
If it is unavailable, Firecracker falls back to the userfaultfd syscall.
- Deprecated `cpu_template` field in `PUT` and `PATCH` requests on
`/machine-config` API, which is used to set a static CPU template. Custom CPU
templates added in v1.4.0 are available as an improved iteration of the static
CPU templates. For more information about the transition from static CPU
templates to custom CPU templates, please refer to
[this GitHub discussion](https://github.com/firecracker-microvm/firecracker/discussions/4135).
- Changed default log level from
[`Warn`](https://docs.rs/log/latest/log/enum.Level.html#variant.Warn) to
[`Info`](https://docs.rs/log/latest/log/enum.Level.html#variant.Info). This
results in more logs being output by default.
### Fixed
- Fixed a change in behavior of normalize host brand string that breaks
Firecracker on external instances.
- Fixed the T2A CPU template not to unset the MMX bit (CPUID.80000001h:EDX[23])
and the FXSR bit (CPUID.80000001h:EDX[24]).
- Fixed the T2A CPU template to set the RstrFpErrPtrs bit
(CPUID.80000008h:EBX[2]).
- Fixed a bug where Firecracker would crash during boot if a guest set up a
virtio queue that partially overlapped with the MMIO gap. Now Firecracker
instead correctly refuses to activate the corresponding virtio device.
- Fixed the T2CL CPU template to pass through security mitigation bits that are
listed by KVM as bits able to be passed through. By making the most use of the
available hardware security mitigations on a processor that a guest is running
on, the guest might be able to benefit from performance improvements.
- Fixed the T2S CPU template to set the GDS_NO bit of the IA32_ARCH_CAPABILITIES
MSR to 1 in accordance with an Intel microcode update. To use the template
securely, users should apply the latest microcode update on the host.
- Fixed the spelling of the `nomodule` param passed in the default kernel
command line parameters. This is a **breaking change** for setups that use the
default kernel command line which also depend on being able to load kernel
modules at runtime. This may also break setups which use the default kernel
command line and which use an init binary that inadvertently depends on the
misspelled param ("nomodules") being present at the command line, since this
param will no longer be passed.
## [1.4.0]
### Added
- Added support for custom CPU templates allowing users to adjust vCPU features
exposed to the guest via CPUID, MSRs and ARM registers.
- Introduced V1N1 static CPU template for ARM to represent Neoverse V1 CPU as
Neoverse N1.
- Added support for the `virtio-rng` entropy device. The device is optional. A
single device can be enabled per VM using the `/entropy` endpoint.
- Added a `cpu-template-helper` tool for assisting with creating and managing
custom CPU templates.
### Changed
- Set FDP_EXCPTN_ONLY bit (CPUID.7h.0:EBX[6]) and ZERO_FCS_FDS bit
(CPUID.7h.0:EBX[13]) in Intel's CPUID normalization process.
### Fixed
- Fixed feature flags in T2S CPU template on Intel Ice Lake.
- Fixed CPUID leaf 0xb to be exposed to guests running on AMD host.
- Fixed a performance regression in the jailer logic for closing open file
descriptors. Related to:
[#3542](https://github.com/firecracker-microvm/firecracker/issues/3542).
- A race condition that has been identified between the API thread and the VMM
thread due to a misconfiguration of the `api_event_fd`.
- Fixed CPUID leaf 0x1 to disable perfmon and debug feature on x86 host.
- Fixed passing through cache information from host in CPUID leaf 0x80000006.
- Fixed the T2S CPU template to set the RRSBA bit of the IA32_ARCH_CAPABILITIES
MSR to 1 in accordance with an Intel microcode update.
- Fixed the T2CL CPU template to pass through the RSBA and RRSBA bits of the
IA32_ARCH_CAPABILITIES MSR from the host in accordance with an Intel microcode
update.
- Fixed passing through cache information from host in CPUID leaf 0x80000005.
- Fixed the T2A CPU template to disable SVM (nested virtualization).
- Fixed the T2A CPU template to set EferLmsleUnsupported bit
(CPUID.80000008h:EBX[20]), which indicates that EFER[LMSLE] is not supported.
## [1.3.0]
### Added
- Introduced T2CL (Intel) and T2A (AMD) CPU templates to provide instruction set
feature parity between Intel and AMD CPUs when using these templates.
- Added Graviton3 support (c7g instance type).
### Changed
- Improved error message when invalid network backend provided.
- Improved TCP throughput by between 5% and 15% (depending on CPU) by using
scatter-gather I/O in the net device's TX path.
- Upgraded Rust toolchain from 1.64.0 to 1.66.0.
- Made seccompiler output bit-reproducible.
### Fixed
- Fixed feature flags in T2 CPU template on Intel Ice Lake.
## [1.2.0]
### Added
- Added a new CPU template called `T2S`. This exposes the same CPUID as `T2` to
the Guest and also overwrites the `ARCH_CAPABILITIES` MSR to expose a reduced
set of capabilities. With regards to hardware vulnerabilities and mitigations,
the Guest vCPU will apear to look like a Skylake CPU, making it safe to
snapshot uVMs running on a newer host CPU (Cascade Lake) and restore on a host
that has a Skylake CPU.
- Added a new CLI option `--metrics-path PATH`. It accepts a file parameter
where metrics will be sent to.
- Added baselines for m6i.metal and m6a.metal for all long running performance
tests.
- Releases now include debuginfo files.
### Changed
- Changed the jailer option `--exec-file` to fail if the filename does not
contain the string `firecracker` to prevent from running non-firecracker
binaries.
- Upgraded Rust toolchain from 1.52.1 to 1.64.0.
- Switched to specifying our dependencies using caret requirements instead of
comparison requirements.
- Updated all dependencies to their respective newest versions.
### Fixed
- Made the `T2` template more robust by explicitly disabling additional CPUID
flags that should be off but were missed initially or that were not available
in the spec when the template was created.
- Now MAC address is correctly displayed when queried with GET `/vm/config` if
left unspecified in both pre and post snapshot states.
- Fixed a self-DoS scenario in the virtio-queue code by reporting and
terminating execution when the number of available descriptors reported by the
driver is higher than the queue size.
- Fixed the bad handling of kernel cmdline parameters when init arguments were
provided in the `boot_args` field of the JSON body of the PUT `/boot-source`
request.
- Fixed a bug on ARM64 hosts where the upper 64bits of the V0-V31 FL/SIMD
registers were not saved correctly when taking a snapshot, potentially leading
to data loss. This change invalidates all ARM64 snapshots taken with versions
of Firecracker \<= 1.1.3.
- Improved stability and security when saving CPU MSRs in snapshots.
## [1.1.0]
### Added
- The API `PATCH` methods for `machine-config` can now be used to reset the
`cpu_template` to `"None"`. Until this change there was no way to reset the
`cpu_template` once it was set.
- Added a `rebase-snap` tool for rebasing a diff snapshot over a base snapshot.
- Mmds version is persisted across snapshot-restore. Snapshot compatibility is
preserved bidirectionally, to and from a Firecracker version that does not
support persisting the Mmds version. In such cases, the default V1 option is
used.
- Added `--mmds-size-limit` for limiting the mmds data store size instead of
piggy-backing on `--http-api-max-payload-size`. If left unconfigured it
defaults to the value of `--http-api-max-payload-size`, to provide backwards
compatibility.
- Added optional `mem_backend` body field in `PUT` requests on `/snapshot/load`.
This new parameter is an object that defines the configuration of the backend
responsible for handling memory loading during snapshot restore. The
`mem_backend` parameter contains `backend_type` and `backend_path` required
fields. `backend_type` is an enum that can take either `File` or `Uffd` as
value. Interpretation of `backend_path` field depends on the value of
`backend_type`. If `File`, then the user must provide the path to file that
contains the guest memory to be loaded. Otherwise, if `backend_type` is
`Uffd`, then `backend_path` is the path to a unix domain socket where a custom
page fault handler process is listening and expecting a UFFD to be sent by
Firecracker. The UFFD is used to handle the guest memory page faults in the
separate process.
- Added logging for the snapshot/restore and async block device IO engine
features to indicate they are in development preview.
### Changed
- The API `PATCH` method for `/machine-config` can be now used to change
`track_dirty_pages` on aarch64.
- MmdsV2 is now Generally Available.
- MmdsV1 is now deprecated and will be removed in Firecracker v2.0.0. Use MmdsV2
instead.
- Deprecated `mem_file_path` body field in `PUT` on `/snapshot/load` request.
### Fixed
- Fixed inconsistency that allowed the start of a microVM from a JSON file
without specifying the `vcpu_count` and `mem_size_mib` parameters for
`machine-config` although they are mandatory when configuring via the API. Now
these fields are mandatory when specifying `machine-config` in the JSON file
and when using the `PUT` request on `/machine-config`.
- Fixed inconsistency that allowed a user to specify the `cpu_template`
parameter and set `smt` to `True` in `machine-config` when starting from a
JSON file on aarch64 even though they are not permitted when using `PUT` or
`PATCH` in the API. Now Firecracker will return an error on aarch64 if `smt`
is set to `True` or if `cpu_template` is specified.
- Fixed inconsistent behaviour of the `PUT` method for `/machine-config` that
would reset the `track_dirty_pages` parameter to `false` if it was not
specified in the JSON body of the request, but left the `cpu_template`
parameter intact if it was not present in the request. Now a `PUT` request for
`/machine-config` will reset all optional parameters (`smt`, `cpu_template`,
`track_dirty_pages`) to their default values if they are not specified in the
`PUT` request.
- Fixed incosistency in the swagger definition with the current state of the
`/vm/config` endpoint.
## [1.0.0]
### Added
- Added jailer option `--parent-cgroup <relative_path>` to allow the placement
of microvm cgroups in custom cgroup nested hierarchies. The default value is
`<exec-file>` which is backwards compatible to the behavior before this
change.
- Added jailer option `--cgroup-version <1|2>` to support running the jailer on
systems that have cgroup-v2. Default value is `1` which means that if
`--cgroup-version` is not specified, the jailer will try to create cgroups on
cgroup-v1 hierarchies only.
- Added `--http-api-max-payload-size` parameter to configure the maximum payload
size for PUT and PATCH requests.
- Limit MMDS data store size to `--http-api-max-payload-size`.
- Cleanup all environment variables in Jailer.
- Added metrics for accesses to deprecated HTTP and command line API endpoints.
- Added permanent HTTP endpoint for `GET` on `/version` for getting the
Firecracker version.
- Added `--metadata` parameter to enable MMDS content to be supplied from a file
allowing the MMDS to be used when using `--no-api` to disable the API server.
- Checksum file for the release assets.
- Added support for custom headers to MMDS requests. Accepted headers are:
`X-metadata-token`, which accepts a string value that provides a session token
for MMDS requests; and `X-metadata-token-ttl-seconds`, which specifies the
lifetime of the session token in seconds.
- Support and validation for host and guest kernel 5.10.
- A [kernel support policy](docs/kernel-policy.md).
- Added `io_engine` to the pre-boot block device configuration. Possible values:
`Sync` (the default option) or `Async` (only available for kernels newer than
5.10.51). The `Async` variant introduces a block device engine that uses
io_uring for executing requests asynchronously, which is in **developer
preview** (NOT for production use). See
`docs/api_requests/block-io-engine.md`.
- Added `block.io_engine_throttled_events` metric for measuring the number of
virtio events throttled because of the IO engine.
- New optional `version` field to PUT requests towards `/mmds/config` to
configure MMDS version. Accepted values are `V1` and `V2` and default is `V1`.
MMDS `V2` is **developer preview only** (NOT for production use) and it does
not currently work after snapshot load.
- Mandatory `network_interfaces` field to PUT requests towards `/mmds/config`
which contains a list of network interface IDs capable of forwarding packets
to MMDS.
### Changed
- Removed the `--node` jailer parameter.
- Deprecated `vsock_id` body field in `PUT`s on `/vsock`.
- Removed the deprecated the `--seccomp-level parameter`.
- `GET` requests to MMDS require a session token to be provided through
`X-metadata-token` header when using V2.
- Allow `PUT` requests to MMDS in order to generate a session token to be used
for future `GET` requests when version 2 is used.
- Remove `allow_mmds_requests` field from the request body that attaches network
interfaces. Specifying interfaces that allow forwarding requests to MMDS is
done by adding the network interface's ID to the `network_interfaces` field of
PUT `/mmds/config` request's body.
- Renamed `/machine-config` `ht_enabled` to `smt`.
- `smt` field is now optional on PUT `/machine-config`, defaulting to `false`.
- Configuring `smt: true` on aarch64 via the API is forbidden.
### Fixed
- GET `/vm/config` was returning a default config object after restoring from a
snapshot. It now correctly returns the config of the original microVM, except
for boot_config and the cpu_template and smt fields of the machine config,
which are currently lost.
- Fixed incorrect propagation of init parameters in kernel commandline. Related
to: [#2709](https://github.com/firecracker-microvm/firecracker/issues/2709).
- Adapt T2 and C3 CPU templates for kernel 5.10. Firecracker was not previously
masking some CPU features of the host or emulated by KVM, introduced in more
recent kernels: `umip`, `vmx`, `avx512_vnni`.
- Fix jailer's cgroup implementation to accept properties that contain multiple
dots.
## [0.25.0]
### Added
- Added devtool build `--ssh-keys` flag to support fetching from private git
repositories.
- Added option to configure block device flush.
- Added `--new-pid-ns` flag to the Jailer in order to spawn the Firecracker
process in a new PID namespace.
- Added API metrics for `GET`, `PUT` and `PATCH` requests on `/mmds` endpoint.
- Added `--describe-snapshot` flag to Firecracker to fetch the data format
version of a snapshot state file provided as argument.
- Added `--no-seccomp` parameter for disabling the default seccomp filters.
- Added `--seccomp-filter` parameter for supplying user-provided, custom
filters.
- Added the `seccompiler-bin` binary that is used to compile JSON seccomp
filters into serialized BPF for Firecracker consumption.
- Snapshotting support for GICv2 enabled guests.
- Added `devtool install` to deploy built binaries in `/usr/local/bin` or a
given path.
- Added code logic to send `VIRTIO_VSOCK_EVENT_TRANSPORT_RESET` on snapshot
creation, when the Vsock device is active. The event will close active
connections on the guest.
- Added `GET` request on `/vm/config` that provides full microVM configuration
as a JSON HTTP response.
- Added `--resource-limit` flag to jailer to limit resources such as: number of
file descriptors allowed at a time (with a default value of 2048) and maximum
size of files created by the process.
### Changed
- Changed Docker images repository from DockerHub to Amazon ECR.
- Fixed off-by-one error in virtio-block descriptor address validation.
- Changed the `PATCH` request on `/balloon/statistics` to schedule the first
statistics update immediately after processing the request.
- Deprecated the `--seccomp-level parameter`. It will be removed in a future
release. Using it logs a runtime warning.
- Experimental gnu libc builds use empty default seccomp filters, allowing all
system calls.
### Fixed
- Fixed non-compliant check for the RTC device ensuring a fixed 4-sized data
buffer.
- Unnecessary interrupt assertion was removed from the RTC. However, a dummy
interrupt is still allocated for snapshot compatibility reasons.
- Fixed the SIGPIPE signal handler so Firecracker no longer exits. The signal is
still recorded in metrics and logs.
- Fixed ballooning API definitions by renaming all fields which mentioned "MB"
to use "MiB" instead.
- Snapshot related host files (vm-state, memory, block backing files) are now
flushed to their backing mediums as part of the CreateSnapshot operation.
- Fixed the SSBD mitigation not being enabled on `aarch64` with the provided
`prod-host-setup.md`.
- Fixed the balloon statistics not working after a snapshot restore event.
- The `utc_timestamp_ms` now reports the timestamp in ms from the UTC UNIX
Epoch, as the name suggests. It was previously using a monotonic clock with an
undefined starting point.
## [0.24.0]
### Added
- Added optional `resume_vm` field to `/snapshot/load` API call.
- Added support for block rate limiter PATCH.
- Added devtool test `-c|--cpuset-cpus` flag for cpus confinement when tests
run.
- Added devtool test `-m|--cpuset-mems` flag for memory confinement when tests
run.
- Added the virtio traditional memory ballooning device.
- Added a mechanism to handle vCPU/VMM errors that result in process
termination.
- Added incremental guest memory snapshot support.
- Added aarch64 snapshot support.
### Changed
- Change the information provided in `DescribeInstance` command to provide
microVM state information (Not started/Running/Paused) instead of whether it's
started or not.
- Removed the jailer `--extra-args` parameter. It was a noop, having been
replaced by the `--` separator for extra arguments.
- Changed the output of the `--version` command line parameter to include a list
of supported snapshot data format versions for the firecracker binary.
- Increased the maximum number of virtio devices from 11 to 19.
- Added a new check that prevents creating v0.23 snapshots when more than 11
devices are attached.
- If the stdout buffer is full and non-blocking, the serial writes no longer
block. Any new bytes will be lost, until the buffer is freed. The device also
logs these errors and increments the `uart.error_count` metric for each lost
byte.
### Fixed
- Fixed inconsistency in YAML file InstanceInfo definition
## [0.23.0]
### Added
- Added metric for throttled block device events.
- Added metrics for counting rate limiter throttling events.
- Added metric for counting MAC address updates.
- Added metrics for counting TAP read and write errors.
- Added metrics for counting RX and TX partial writes.
- Added metrics that measure the duration of pausing and resuming the microVM,
from the VMM perspective.
- Added metric for measuring the duration of the last full/diff snapshot
created, from the VMM perspective.
- Added metric for measuring the duration of loading a snapshot, from the VMM
perspective.
- Added metrics that measure the duration of pausing and resuming the microVM,
from the API (user) perspective.
- Added metric for measuring the duration of the last full/diff snapshot
created, from the API (user) perspective.
- Added metric for measuring the duration of loading a snapshot, from the API
(user) perspective.
- Added `track_dirty_pages` field to `machine-config`. If enabled, Firecracker
can create incremental guest memory snapshots by saving the dirty guest pages
in a sparse file.
- Added a new API call, `PATCH /vm`, for changing the microVM state (to `Paused`
or `Resumed`).
- Added a new API call, `PUT /snapshot/create`, for creating a full or diff
snapshot.
- Added a new API call, `PUT /snapshot/load`, for loading a snapshot.
- Added new jailer command line argument `--cgroup` which allow the user to
specify the cgroups that are going to be set by the Jailer.
- Added full support for AMD CPUs (General Availability). More details
[here](README.md#supported-platforms).
### Fixed
- Boot time on AMD achieves the desired performance (i.e under 150ms).
### Changed
- The logger `level` field is now case-insensitive.
- Disabled boot timer device after restoring a snapshot.
- Enabled boot timer device only when specifically requested, by using the
`--boot-timer` dedicated cmdline parameter.
- firecracker and jailer `--version` now gets updated on each devtool build to
the output of `git describe --dirty`, if the git repo is available.
- MicroVM process is only attached to the cgroups defined by using `--cgroups`
or the ones defined indirectly by using `--node`.
- Changed `devtool build` to build jailer binary for `musl` only targets.
Building jailer binary for `non-musl` targets have been removed.
## [0.22.0]
### Added
- Added a new API call, `PUT /metrics`, for configuring the metrics system.
- Added `app_name` field in InstanceInfo struct for storing the application
name.
- New command-line parameters for `firecracker`, named `--log-path`, `--level`,
`--show-level` and `--show-log-origin` that can be used for configuring the
Logger when starting the process. When using this method for configuration,
only `--log-path` is mandatory.
- Added a
[guide](https://github.com/firecracker-microvm/firecracker/blob/v0.22.0/docs/devctr-image.md)
for updating the dev container image.
- Added a new API call, `PUT /mmds/config`, for configuring the `MMDS` with a
custom valid link-local IPv4 address.
- Added experimental JSON response format support for MMDS guest applications
requests.
- Added metrics for the vsock device.
- Added `devtool strip` command which removes debug symbols from the release
binaries.
- Added the `tx_malformed_frames` metric for the virtio net device, emitted when
a TX frame missing the VNET header is encountered.
### Fixed
- Added `--version` flag to both Firecracker and Jailer.
- Return `405 Method Not Allowed` MMDS response for non HTTP `GET` MMDS requests
originating from guest.
- Fixed folder permissions in the jail (#1802).
- Any number of whitespace characters are accepted after ":" when parsing HTTP
headers.
- Potential panic condition caused by the net device expecting to find a VNET
header in every frame.
- Potential crash scenario caused by "Content-Length" HTTP header field
accepting negative values.
- Fixed #1754 - net: traffic blocks when running ingress UDP performance tests
with very large buffers.
### Changed
- Updated CVE-2019-3016 mitigation information in
[Production Host Setup](docs/prod-host-setup.md)
- In case of using an invalid JSON as a 'config-file' for Firecracker, the
process will exit with return code 152.
- Removed the `testrun.sh` wrapper.
- Removed `metrics_fifo` field from the logger configuration.
- Renamed `log_fifo` field from LoggerConfig to `log_path` and `metrics_fifo`
field from MetricsConfig to `metrics_path`.
- `PATCH /drives/{id}` only allowed post-boot. Use `PUT` for pre-boot updates to
existing configurations.
- `PATCH /network-interfaces/{id}` only allowed post-boot. Use `PUT` for
pre-boot updates to existing configurations.
- Changed returned status code from `500 Internal Server Error` to
`501 Not Implemented`, for queries on the MMDS endpoint in IMDS format, when
the requested resource value type is unsupported.
- Allowed the MMDS data store to be initialized with all supported JSON types.
Retrieval of these values within the guest, besides String, Array, and
Dictionary, is only possible in JSON mode.
- `PATCH` request on `/mmds` before the data store is initialized returns
`403 BadRequest`.
- Segregated MMDS documentation in MMDS design documentation and MMDS user guide
documentation.
## [0.21.0]
### Added
- Support for booting with an initial RAM disk image. This image can be
specified through the new `initrd_path` field of the `/boot-source` API
request.
### Fixed
- Fixed #1469 - Broken GitHub location for Firecracker release binary.
- The jailer allows changing the default api socket path by using the extra
arguments passed to firecracker.
- Fixed #1456 - Occasional KVM_EXIT_SHUTDOWN and bad syscall (14) during VM
shutdown.
- Updated the production host setup guide with steps for addressing
CVE-2019-18960.
- The HTTP header parsing is now case insensitive.
- The `put_api_requests` and `patch_api_requests` metrics for net devices were
un-swapped.
### Changed
- Removed redundant `--seccomp-level` jailer parameter since it can be simply
forwarded to the Firecracker executable using "end of command options"
convention.
- Removed `memory.dirty_pages` metric.
- Removed `options` field from the logger configuration.
- Decreased release binary size by ~15%.
- Changed default API socket path to `/run/firecracker.socket`. This path also
applies when running with the jailer.
- Disabled KVM dirty page tracking by default.
- Removed redundant RescanBlockDevice action from the /actions API. The
functionality is available through the PATCH /drives API. See
`docs/api_requests/patch-block.md`.
## [0.20.0]
### Added
- Added support for GICv2.
### Fixed
- Fixed CVE-2019-18960 - Fixed a logical error in bounds checking performed on
vsock virtio descriptors.
- Fixed #1283 - Can't start a VM in AARCH64 with vcpus number more than 16.
- Fixed #1088 - The backtrace are printed on `panic`, no longer causing a
seccomp fault.
- Fixed #1375 - Change logger options type from `Value` to `Vec<LogOption>` to
prevent potential unwrap on None panics.
- Fixed #1436 - Raise interrupt for TX queue used descriptors
- Fixed #1439 - Prevent achieving 100% cpu load when the net device rx is
throttled by the ratelimiter
- Fixed #1437 - Invalid fields in rate limiter related API requests are now
failing with a proper error message.
- Fixed #1316 - correctly determine the size of a virtio device backed by a
block device.
- Fixed #1383 - Log failed api requests.
### Changed
- Decreased release binary size by 10%.
## [0.19.0]
### Added
- New command-line parameter for `firecracker`, named `--no-api`, which will
disable the API server thread. If set, the user won't be able to send any API
requests, neither before, nor after the vm has booted. It must be paired with
`--config-file` parameter. Also, when API server is disabled, MMDS is no
longer available now.
- New command-line parameter for `firecracker`, named `--config-file`, which
represents the path to a file that contains a JSON which can be used for
configuring and starting a microVM without sending any API requests.
- The jailer adheres to the "end of command options" convention, meaning all
parameters specified after `--` are forwarded verbatim to Firecracker.
- Added `KVM_PTP` support to the recommended guest kernel config.
- Added entry in FAQ.md for Firecracker Guest timekeeping.
### Changed
- Vsock API call: `PUT /vsocks/{id}` changed to `PUT /vsock` and no longer
appear to support multiple vsock devices. Any subsequent calls to this API
endpoint will override the previous vsock device configuration.
- Removed unused 'Halting' and 'Halted' instance states.
- Vsock host-initiated connections now implement a trivial handshake protocol.
See the [vsock doc](docs/vsock.md#host-initiated-connections) for details.
Related to:
[#1253](https://github.com/firecracker-microvm/firecracker/issues/1253),
[#1432](https://github.com/firecracker-microvm/firecracker/issues/1432),
[#1443](https://github.com/firecracker-microvm/firecracker/pull/1443)
### Fixed
- Fixed serial console on aarch64 (GitHub issue #1147).
- Upon panic, the terminal is now reset to canonical mode.
- Explicit error upon failure of vsock device creation.
- The failure message returned by an API call is flushed in the log FIFOs.
- Insert virtio devices in the FDT in order of their addresses sorted from low
to high.
- Enforce the maximum length of the network interface name to be 16 chars as
specified in the Linux Kernel.
- Changed the vsock property `id` to `vsock_id` so that the API client can be
successfully generated from the swagger definition.
## [0.18.0]
### Added
- New device: virtio-vsock, backed by Unix domain sockets (GitHub issue #650).
See `docs/vsock.md`.
### Changed
- No error is thrown upon a flush metrics intent if logger has not been
configured.
### Fixed
- Updated the documentation for integration tests.
- Fixed high CPU usage before guest network interface is brought up (GitHub
issue #1049).
- Fixed an issue that caused the wrong date (month) to appear in the log.
- Fixed a bug that caused the seccomp filter to reject legit syscalls in some
rare cases (GitHub issue #1206).
- Docs: updated the production host setup guide.
- Docs: updated the rootfs and kernel creation guide.
### Removed
- Removed experimental support for vhost-based vsock devices.
## [0.17.0]
### Added
- New API call: `PATCH /machine-config/`, used to update VM configuration,
before the microVM boots.
- Added an experimental swagger definition that includes the specification for
the vsock API call.
- Added a signal handler for `SIGBUS` and `SIGSEGV` that immediately terminates
the process upon intercepting the signal.
- Added documentation for signal handling utilities.
- Added [alpha] aarch64 support.
- Added metrics for successful read and write operations of MMDS, Net and Block
devices.
### Changed
- `vcpu_count`, `mem_size_mib` and `ht_enabled` have been changed to be
mandatory for `PUT` requests on `/machine-config/`.
- Disallow invalid seccomp levels by exiting with error.
### Fixed
- Incorrect handling of bind mounts within the jailed rootfs.
- Corrected the guide for `Alpine` guest setup.
## [0.16.0]
### Added
- Added [alpha] AMD support.
- New `devtool` command: `prepare_release`. This updates the Firecracker
version, crate dependencies and credits in preparation for a new release.
- New `devtool` command: `tag`. This creates a new git tag for the specified
release number, based on the changelog contents.
- New doc section about building with glibc.
### Changed
- Dropped the JSON-formatted `context` command-line parameter from Firecracker
in favor of individual classic command-line parameters.
- When running with `jailer` the location of the API socket has changed to
`<jail-root-path>/api.socket` (API socket was moved _inside_ the jail).
- `PUT` and `PATCH` requests on `/mmds` with data containing any value type
other than `String`, `Array`, `Object` will returns status code 400.
- Improved multiple error messages.
- Removed all kernel modules from the recommended kernel config.
### Fixed
- Corrected the seccomp filter when building with glibc.
### Removed
- Removed the `seccomp.bad_syscalls` metric.
## [0.15.2]
### Fixed
- Corrected the conditional compilation of the seccomp rule for `madvise`.
## [0.15.1]
### Fixed
- A `madvise` call issued by the `musl` allocator was added to the seccomp allow
list to prevent Firecracker from terminating abruptly when allocating memory
in certain conditions.
## [0.15.0]
### Added
- New API action: SendCtrlAltDel, used to initiate a graceful shutdown, if the
guest has driver support for i8042 and AT Keyboard. See
[the docs](docs/api_requests/actions.md#sendctrlaltdel) for details.
- New metric counting the number of egress packets with a spoofed MAC:
`net.tx_spoofed_mac_count`.
- New API call: `PATCH /network-interfaces/`, used to update the rate limiters
on a network interface, after the start of a microVM.
### Changed
- Added missing `vmm_version` field to the InstanceInfo API swagger definition,
and marked several other mandatory fields as such.
- New default command line for guest kernel:
`reboot=k panic=1 pci=off nomodules 8250.nr_uarts=0 i8042.noaux i8042.nomux i8042.nopnp i8042.dumbkbd`.
### Fixed
- virtio-blk: VIRTIO_BLK_T_FLUSH now working as expected.
- Vsock devices can be attached when starting Firecracker using the jailer.
- Vsock devices work properly when seccomp filtering is enabled.
## [0.14.0]
### Added
- Documentation for development environment setup on AWS in
`dev-machine-setup.md`.
- Documentation for microVM networking setup in `docs/network-setup.md`.
- Limit the maximum supported vCPUs to 32.
### Changed
- Log the app version when the `Logger` is initialized.
- Pretty print panic information.
- Firecracker terminates with exit code 148 when a syscall which is not present
in the allow list is intercepted.
### Fixed
- Fixed build with the `vsock` feature.
## [0.13.0]
### Added
- Documentation for Logger API Requests in `docs/api_requests/logger.md`.
- Documentation for Actions API Requests in `docs/api_requests/actions.md`.
- Documentation for MMDS in `docs/mmds.md`.
- Flush metrics on request via a PUT `/actions` with the `action_type` field set
to `FlushMetrics`.
### Changed
- Updated the swagger definition of the `Logger` to specify the required fields
and provide default values for optional fields.
- Default `seccomp-level` is `2` (was previously 0).
- API Resource IDs can only contain alphanumeric characters and underscores.
### Fixed
- Seccomp filters are now applied to all Firecracker threads.
- Enforce minimum length of 1 character for the jailer ID.
- Exit with error code when starting the jailer process fails.
### Removed
- Removed `InstanceHalt` from the list of possible actions.
## [0.12.0]
### Added
- The `/logger` API has a new field called `options`. This is an array of
strings that specify additional logging configurations. The only supported
value is `LogDirtyPages`.
- When the `LogDirtyPages` option is configured via `PUT /logger`, a new metric
called `memory.dirty_pages` is computed as the number of pages dirtied by the
guest since the last time the metric was flushed.
- Log messages on both graceful and forceful termination.
- Availability of the list of dependencies for each commit inside the code base.
- Documentation on vsock experimental feature and host setup recommendations.
### Changed
- `PUT` requests on `/mmds` always return 204 on success.
- `PUT` operations on `/network-interfaces` API resources no longer accept the
previously required `state` parameter.
- The jailer starts with `--seccomp-level=2` (was previously 0) by default.
- Log messages use `anonymous-instance` as instance id if none is specified.
### Fixed
- Fixed crash upon instance start on hosts without 1GB huge page support.
- Fixed "fault_message" inconsistency between Open API specification and code
base.
- Ensure MMDS compatibility with C5's IMDS implementation.
- Corrected the swagger specification to ensure `OpenAPI 2.0` compatibility.
## [0.11.0]
### Added
- Apache-2.0 license
- Docs:
- [charter](CHARTER.md)
- [contribution guidelines](CONTRIBUTING.md)
- [design](docs/design.md)
- [getting started guide](docs/getting-started.md)
- [security policy](SECURITY.md)
- [specifications](SPECIFICATION.md)
- **Experimental** vhost-based vsock implementation.
### Changed
- Improved MMDS network stack performance.
- If the logging system is not yet initialized (via `PUT /logger`), log events
are now sent to stdout/stderr.
- Moved the `instance_info_fails` metric under `get_api_requests`
- Improved [readme](README.md) and added links to more detailed information, now
featured in subject-specific docs.
### Fixed
- Fixed bug in the MMDS network stack, that caused some RST packets to be sent
without a destination.
- Fixed bug in `PATCH /drives`, whereby the ID in the path was not checked
against the ID in the body.
## [0.10.1]
### Fixed
- The Swagger definition was corrected.
## [0.10.0]
### Added
- Each Firecracker process has an associated microVM Metadata Store (MMDS). Its
contents can be configured using the `/mmds` API resource.
### Changed
- The boot source is specified only with the `kernel_image_path` and the
optional parameter `boot_args`. All other fields are removed.
- The `path_on_host` property in the drive specification is now marked as
_mandatory_.
- PATCH drive only allows patching/changing the `path_on_host` property.
- All PUT and PATCH requests return the status code 204.
- CPUID brand string (aka model name) now includes the host CPU frequency.
- API requests which add guest network interfaces have an additional parameter,
`allow_mmds_requests` which defaults to `false`.
- Stopping the guest (e.g. using the `reboot` command) also terminates the
Firecracker process. When the Firecracker process ends for any reason, (other
than `kill -9`), metrics are flushed at the very end.
- On startup `jailer` closes all inherited file descriptors based on
`sysconf(_SC_OPEN_MAX)` except input, output and error.
- The microVM ID prefixes each Firecracker log line. This ID also appears in the
process `cmdline` so it's now possible to `ps | grep <ID>` for it.
## [0.9.0]
### Added
- Seccomp filtering is configured via the `--seccomp-level` jailer parameter.
- Firecracker logs the starting addresses of host memory areas provided as guest
memory slots to KVM.
- The metric `panic_count` gets incremented to signal that a panic has occurred.
- Firecracker logs a backtrace when it crashes following a panic.
- Added basic instrumentation support for measuring boot time.
### Changed
- `StartInstance` is a synchronous API request (it used to be an asynchronous
request).
### Fixed
- Ensure that fault messages sent by the API have valid JSON bodies.
- Use HTTP response code 500 for internal Firecracker errors, and 400 for user
errors on InstanceStart.
- Serialize the machine configuration fields to the correct data types (as
specified in the Swagger definition).
- NUMA node assignment is properly enforced by the jailer.
- The `is_root_device` and `is_read_only` properties are now marked as required
in the Swagger definition of `Drive` object properties.
### Removed
- `GET` requests on the `/actions` API resource are no longer supported.
- The metrics associated with asynchronous actions have been removed.
- Remove the `action_id` parameter for `InstanceStart`, both from the URI and
the JSON request body.
## [0.8.0]
### Added
- The jailer can now be configured to enter a preexisting network namespace, and
to run as a daemon.
- Enabled PATCH operations on `/drives` resources.
### Changed
- The microVM `id` supplied to the jailer may now contain alphanumeric
characters and hyphens, up to a maximum length of 64 characters.
- Replaced the `permissions` property of `/drives` resources with a boolean.
- Removed the `state` property of `/drives` resources.
## [0.7.0]
### Added
- Rate limiting functionality allows specifying an initial one time burst size.
- Firecracker can now boot from an arbitrary boot partition by specifying its
unique id in the driver's API call.
- Block device rescan is triggered via a PUT `/actions` with the drive ID in the
action body's `payload` field and the `action_type` field set to
`BlockDeviceRescan`.
### Changed
- Removed `noapic` from the default guest kernel command line.
- The `action_id` parameter is no longer required for synchronous PUT requests
to `/actions`.
- PUT requests are no longer allowed on `/drives` resources after the guest has
booted.
### Fixed
- Fixed guest instance kernel loader to accelerate vCPUs launch and consequently
guest kernel boot.
- Fixed network emulation to improve IO performance.
## [0.6.0]
### Added
- Firecracker uses two different named pipes to record human readable logs and
metrics, respectively.
### Changed
- Seccomp filtering can be enabled via setting the `USE_SECCOMP` environment
variable.
- It is possible to supply only a partial specification when attaching a rate
limiter (i.e. just the bandwidth or ops parameter).
- Errors related to guest network interfaces are now more detailed.
### Fixed
- Fixed a bug that was causing Firecracker to panic whenever a `PUT` request was
sent on an existing network interface.
- The `id` parameter of the `jailer` is required to be an RFC 4122-compliant
UUID.
- Fixed an issue which caused the network RX rate limiter to be more restrictive
than intended.
- API requests which contain unknown fields will generate an error.
- Fixed an issue related to high CPU utilization caused by improper `KVM PIT`
configuration.
- It is now possible to create more than one network tun/tap interface inside a
jailed Firecracker.
## [0.5.0]
### Added
- Added metrics for API requests, VCPU and device actions for the serial console
(`UART`), keyboard (`i8042`), block and network devices. Metrics are logged
every 60 seconds.
- A CPU features template for C3 is available, in addition to the one for T2.
- Seccomp filters restrict Firecracker from calling any other system calls than
the minimum set it needs to function properly. The filters are enabled by
setting the `USE_SECCOMP` environment variable to 1 before running
Firecracker.
- Firecracker can be started by a new binary called `jailer`. The jailer takes
as command line arguments a unique ID, the path to the Firecracker binary, the
NUMA node that Firecracker will be assigned to and a `uid` and `gid` for
Firecracker to run under. It sets up a `chroot` environment and a `cgroup`,
and calls exec to morph into Firecracker.
### Changed
- In case of failure, the metrics and the panic location are logged before
aborting.
- Metric values are reset with every flush.
- `CPUTemplate` is now called `CpuTemplate` in order to work seamlessly with the
swagger code generator for Go.
- `firecracker-beta.yaml` is now called `firecracker.yaml`.
### Fixed
- Handling was added for several untreated KVM exit scenarios, which could have
led to panic.
- Fixed a bug that caused Firecracker to crash when attempting to disable the
`IA32_DEBUG_INTERFACE MSR` flag in the T2 CPU features.
### Removed
- Removed a leftover file generated by the logger unit tests.
- Removed `firecracker-v1.0.yaml`.
## [0.4.0]
### Added
- The CPU Template can be set with an API call on `PUT /machine-config`. The
only available template is T2.
- Hyperthreading can be enabled/disabled with an API call on
`PUT /machine-config`. By default, hyperthreading is disabled.
- Added boot time performance test (`tests/performance/test_boottime.py`).
- Added Rate Limiter for VirtIO/net and VirtIO/net devices. The Rate Limiter
uses two token buckets to limit rate on bytes/s and ops/s. The rate limiter
can be (optionally) configured per drive with a `PUT` on `/drives/{drive_id}`
and per network interface with a `PUT` on `/network-interface/{iface_id}`.
- Implemented pre-boot PUT updates for `/boot-source`, `/drives`,
`/network-interfaces` and `/vsock`.
- Added integration tests for `PUT` updates.
### Changed
- Moved the API definition (`swagger/firecracker-beta.yaml`) to the `api_server`
crate.
- Removed `"console=ttyS0"` and added `"8250.nr_uarts=0"` to the default kernel
command line to decrease the boot time.
- Changed the CPU topology to have all logical CPUs on a single socket.
- Removed the upper bound on CPU count as with musl there is no good way to get
the total number of logical processors on a host.
- Build time tests now print the full output of commands.
- Disabled the Performance Monitor Unit and the Turbo Boost.
- Check the expected KVM capabilities before starting the VM.
- Logs now have timestamps.
### Fixed
- `testrun.sh` can run on platforms with more than one package manager by
setting the package manager via a command line parameter (`-p`).
- Allow correct set up of multiple network-interfaces with auto-generated MAC.
- Fixed sporadic bug in VirtIO which was causing lost packages.
- Don't allow `PUT` requests with empty body on `/machine-config`.
- Deny `PUT` operations after the microvm boots (exception: the temporarily fix
for live resize of block devices).
### Removed
- Removed examples crate. This used to have a Python example of starting
Firecracker. This is replaced by `test_api.py` integration tests.
- Removed helper scripts for getting coverage and coding style errors. These
were replaced by `test_coverage.py` and `test_style.py` test integration
tests.
- Removed `--vmm-no-api` command line option. Firecracker can only be started
via the API.
## [0.3.0]
### Added
- Users can interrogate the Machine Configuration (i.e. vcpu count and memory
size) using a `GET` request on `/machine-config`.
- The logging system can be configured through the API using a `PUT` on
`/logger`.
- Block devices support live resize by calling `PUT` with the same parameters as
when the block was created.
- Release builds have Link Time Optimization (LTO) enabled.
- Firecracker is built with `musl`, resulting in a statically linked binary.
- More in-tree integration tests were added as part of the continuous
integration system.
### Changed
- The vcpu count is enforced to `1` or an even number.
- The Swagger definition of rate limiters was updated.
- Syslog-enabled logs were replaced with a host-file backed mechanism.
### Fixed
- The host topology of the CPU and the caches is not leaked into the microvm
anymore.
- Boot time was improved by advertising the availability of the TSC deadline
timer.
- Fixed an issue which prevented Firecracker from working on 4.14 (or newer)
host kernels.
- Specifying the MAC address for an interface through the API is optional.
### Removed
- Removed support for attaching vsock devices.
- Removed support for building Firecracker with glibc.
## [0.2.0]
### Added
- Users can now interrogate Instance Information (currently just instance state)
through the API.
### Changed
- Renamed `api/swagger/all.yaml` to `api/swagger/firecracker-v1.0.yaml` which
specifies targeted API support for Firecracker v1.0.
- Renamed `api/swagger/firecracker-v0.1.yaml` to
`api/swagger/firecracker-beta.yaml` which specifies the currently supported
API.
- Users can now enforce that an emulated block device is read-only via the API.
To specify whether a block device is read-only or read-write, an extra
"permissions" field was added to the Drive definition in the API. The root
filesystem is automatically mounted in the guest OS as `ro`/`rw` according to
the specified "permissions". It's the responsibility of the user to mount any
other read-only block device as such within the guest OS.
- Users can now stop the guest VM using the API. Actions of type `InstanceHalt`
are now supported via the API.
### Fixed
- Added support for `getDeviceID()` in `virtIO-block`. Without this, the guest
Linux kernel would complain at boot time that the operation is unsupported.
- `stdin` control is returned to the Firecracker process when guest VM is
inactive. Raw mode `stdin` is forwarded to the guest OS when guest VM is
running.
### Removed
- Removed `api/swagger/actions.yaml`.
- Removed `api/swagger/devices.yaml`.
- Removed `api/swagger/firecracker-mvp.yaml`.
- Removed `api/swagger/limiters.yaml`.
## [0.1.1]
### Changed
- Users can now specify the MAC address of a guest network interface via the
`PUT` network interface API request. Previously, the guest MAC address
parameter was ignored.
### Fixed
- Fixed a guest memory allocation issue, which previously led to a potentially
significant memory chunk being wasted.
- Fixed an issue which caused compilation problems, due to a compatibility
breaking transitive dependency in the tokio suite of crates.
## [0.1.0]
### Added
- One-process virtual machine manager (one Firecracker per microVM).
- RESTful API running on a unix socket. The API supported by v0.1 can be found
at `api/swagger/firecracker-v0.1.yaml`.
- Emulated keyboard (`i8042`) and serial console (`UART`). The microVM serial
console input and output are connected to those of the Firecracker process
(this allows direct console access to the guest OS).
- The capability of mapping an existing host tun-tap device as a VirtIO/net
device into the microVM.
- The capability of mapping an existing host file as a GirtIO/block device into
the microVM.
- The capability of creating a VirtIO/vsock between the host and the microVM.
- Default demand fault paging & CPU oversubscription.
================================================
FILE: CHARTER.md
================================================
# Firecracker Charter
## Mission
Our mission is to enable secure, multi-tenant, minimal-overhead execution of
container and function workloads.
## Tenets (unless you know better ones)
These tenets guide Firecracker's development:
1. **Built-In Security**: We provide compute security barriers that enable
multi-tenant workloads, and cannot be mistakenly disabled by customers.
Customer workloads are simultaneously considered sacred (shall not be
touched) and malicious (shall be defended against). We continuously invest in
defense in depth and maintain mechanisms that ensure security best practices.
1. **Light-Weight Virtualization**: We prioritize measuring Firecracker's
hardware overhead in the dimensions that are important for our customers, and
we strive to make this overhead negligible.
1. **Minimalist in Features**: If it's not clearly required for our mission, we
won't build it. We maintain a single implementation per capability, and
deprecate obsolete implementations; resolving exceptions is a high priority
issue.
1. **Compute Oversubscription**: All of the hardware compute resources exposed
by Firecracker to guests can be securely oversubscribed.
## Contributions & Project Roles
All contributions must align with this charter and follow Firecracker's
[contribution process](CONTRIBUTING.md).
Firecracker [maintainers](MAINTAINERS.md) merge contributions into the main
branch and create Firecracker releases. Maintainers are also subject to the
mission and tenets outlined above. Anyone may submit and review contributions.
================================================
FILE: CODE_OF_CONDUCT.md
================================================
# Code of Conduct
This project has adopted the
[Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). For
more information see the
[Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact
[opensource-codeofconduct@amazon.com](mailto:opensource-codeofconduct@amazon.com)
with any additional questions or comments.
================================================
FILE: CONTRIBUTING.md
================================================
# Contributions Welcome
Firecracker is running serverless workloads at scale within AWS, but it's still
day 1 on the journey guided by our [mission](CHARTER.md). There's a lot more to
build and we welcome all contributions.
There's a lot to contribute to in Firecracker. We've opened issues for all the
features we want to build and improvements we want to make. Good first issues
are labeled accordingly. We're also keen to hearing about your use cases and how
we can support them, your ideas, and your feedback for what's already here.
If you're just looking for quick feedback for an idea or proposal, open an
[issue](https://github.com/firecracker-microvm/firecracker/issues) or chat with
us on the [Firecracker Slack workgroup](https://firecracker-microvm.slack.com).
Follow the [contribution workflow](#contribution-workflow) for submitting your
changes to the Firecracker codebase. If you want to receive high-level but still
commit-based feedback for a contribution, follow the
[request for comments](#request-for-comments) steps instead.
## Contribution Workflow
Firecracker uses the “fork-and-pull” development model. Follow these steps if
you want to merge your changes to Firecracker:
1. Within your fork of
[Firecracker](https://github.com/firecracker-microvm/firecracker), create a
branch for your contribution. Use a meaningful name.
1. Create your contribution, meeting all
[contribution quality standards](#contribution-quality-standards)
1. [Create a pull request](https://help.github.com/articles/creating-a-pull-request-from-a-fork/)
against the main branch of the Firecracker repository.
1. Add two reviewers to your pull request (a maintainer will do that for you if
you're new). Work with your reviewers to address any comments and obtain a
minimum of 2 approvals from [maintainers](MAINTAINERS.md). To update your
pull request, amend existing commits whenever applicable. Then force-push the
new changes to your pull request branch. Address all review comments you
receive.
1. Once the pull request is approved, one of the maintainers will merge it.
## Request for Comments
If you just want to receive feedback for a contribution proposal, open an “RFC”
(“Request for Comments”) pull request:
1. On your fork of
[Firecracker](https://github.com/firecracker-microvm/firecracker), create a
branch for the contribution you want feedback on. Use a meaningful name.
1. Create your proposal based on the existing codebase.
1. [Create a pull request](https://help.github.com/articles/creating-a-pull-request-from-a-fork/)
against the main branch of the Firecracker repository. Prefix your pull
request name with `[RFC]`.
1. Discuss your proposal with the community on the pull request page (or on any
other channel). Add the conclusion(s) of this discussion to the pull request
page.
## Contribution Quality Standards
Most quality and style standards are enforced automatically during integration
testing. For ease of use you can set up a git pre-commit hook by running the
following in the Firecracker root directory:
```
cat >> .git/hooks/pre-commit << EOF
./tools/devtool checkstyle || exit 1
./tools/devtool checkbuild --all || exit 1
EOF
```
The first command will automatically lint your Rust, markdown and python changes
when running `git commit`, as well as running any other checks our CI validates
as part of its 'Style' step. Most reported violations can be automatically fixed
using `./tools/devtool fmt`. The second command will then check that the code
correctly compiles on all supported architectures, and that it passes Rust
clippy rules defined for the project.
Your contribution needs to meet the following standards:
- Separate each **logical change** into its own commit.
- Each commit must pass all unit & code style tests, and the full pull request
must pass all integration tests. See [tests/README.md](tests/README.md) for
information on how to run tests.
- Unit test coverage must _increase_ the overall project code coverage.
- Include integration tests for any new functionality in your pull request.
- Document all your public functions.
- Add a descriptive message for each commit. Follow
[commit message best practices](https://github.com/erlang/otp/wiki/writing-good-commit-messages).
- A good commit message may look like
```
A descriptive title of 72 characters or fewer
A concise description where each line is 72 characters or fewer.
Signed-off-by: <A full name> <A email>
Co-authored-by: <B full name> <B email>
```
- **Usage of `unsafe` is heavily discouraged**. If `unsafe` is required, it
should be accompanied by a comment detailing its...
- Justification, potentially including quantifiable reasons why safe
alternatives were not used (e.g. via a benchmark showing a valuable[^1]
performance improvements).
- Safety, as per
[`clippy::undocumented_unsafe_blocks`](https://rust-lang.github.io/rust-clippy/master/#undocumented_unsafe_blocks).
This comment must list all invariants of the called function, and explain
why there are upheld. If relevant, it must also prove that
[undefined behavior](https://doc.rust-lang.org/reference/behavior-considered-undefined.html)
is not possible.
E.g.
```rust
// Test creating a resource.
// JUSTIFICATION: This cannot be accomplished without unsafe as
// `external_function()` returns `RawFd`. An alternative here still uses
// unsafe e.g. `drop(unsafe { OwnedFd::from_raw_fd(external_function()) });`.
// SAFETY: `external_function()` returns a valid file descriptor.
unsafe {
libc::close(external_function());
}
```
- Avoid using `Option::unwrap`/`Result::unwrap`. Prefer propagating errors
instead of aborting execution, or using `Option::expect`/`Result::except` if
no alternative exists. Leave a comment explaining why the code will not panic
in practice. Often, `unwrap`s are used because a previous check ensures they
are safe, e.g.
```rs
let my_value: u32 = ...;
if my_value <= u16::MAX {
Ok(my_value.try_into::<u16>().unwrap())
} else {
Err(Error::Overflow)
}
```
These can often be rewritten using `.map`/`.map_err` or `match`/`if let`
constructs such as
```rs
my_value.try_into::<u16>()
.map_err(|_| Error::Overflow)
```
See also
[this PR](https://github.com/firecracker-microvm/firecracker/pull/3557) for a
lot of examples.
- Document your pull requests. Include the reasoning behind each change, and the
testing done.
- Acknowledge Firecracker's [Apache 2.0 license](LICENSE) and certify that no
part of your contribution contravenes this license by signing off on all your
commits with `git -s`. Ensure that every file in your pull request has a
header referring to the repository license file.
## Developer Certificate of Origin
Firecracker is an open source product released under the
[Apache 2.0 license](LICENSE).
We respect intellectual property rights of others and we want to make sure all
incoming contributions are correctly attributed and licensed. A Developer
Certificate of Origin (DCO) is a lightweight mechanism to do that.
The DCO is a declaration attached to every contribution made by every developer.
In the commit message of the contribution, the developer simply adds a
`Signed-off-by` statement and thereby agrees to the DCO, which you can find
below or at DeveloperCertificate.org (<http://developercertificate.org/>).
```
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the
best of my knowledge, is covered under an appropriate open
source license and I have the right under that license to
submit that work with modifications, whether created in whole
or in part by me, under the same open source license (unless
I am permitted to submit under a different license), as
Indicated in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including
all personal information I submit with it, including my
sign-off) is maintained indefinitely and may be redistributed
consistent with this project or the open source license(s)
involved.
```
We require that every contribution to Firecracker is signed with a Developer
Certificate of Origin. DCO checks are enabled via <https://github.com/apps/dco>,
and your PR will fail CI without it.
Additionally, we kindly ask you to use your real name. We do not accept
anonymous contributors, nor those utilizing pseudonyms. Each commit must include
a DCO which looks like this:
```
Signed-off-by: Jane Smith <jane.smith@email.com>
```
You may type this line on your own when writing your commit messages. However,
if your `user.name` and `user.email` are set in your git config, you can use
`-s` or `--signoff` to add the `Signed-off-by` line to the end of the commit
message automatically.
Forgot to add DCO to a commit? Amend it with `git commit --amend -s`.
[^1]: Performance improvements in non-hot paths are unlikely to be considered
valuable.
================================================
FILE: CREDITS.md
================================================
# Firecracker Credits and Thanks
(This file is autogenerated using [update-credits.sh](tools/update-credits.sh).)
Firecracker started with the code from the Chrome OS Virtual Machine Monitor
([crosvm](https://github.com/google/crosvm)), a VMM written in Rust with a focus
on safety and security. Thanks go to:
- [Zach Reizner](https://github.com/zachreizner) <zachr@chromium.org>
- [Dylan Reid](https://github.com/dgreid) <dgreid@chromium.org>
- [Daniel Verkamp](https://github.com/danielverkamp) <dverkamp@chromium.org>
- [Stephen Barber](https://github.com/smibarber) <smbarber@chromium.org>
- [Chirantan Ekbote](https://github.com/jynnantonix) <chirantan@chromium.org>
- [Jason D. Clinton](https://github.com/jclinton) <jclinton@chromium.org>
- Sonny Rao <sonnyrao@chromium.org>
Contributors to the Firecracker repository:
- Aaqa Ishtyaq <aaqaishtyaq@gmail.com>
- Aaron Hill <aa1ronham@gmail.com>
- Aaron O'Mullan <aaron.omullan@gmail.com>
- Abhijeet Kasurde <akasurde@redhat.com>
- acatangiu <adrian@parity.io>
- acsmyth <54330152+acsmyth@users.noreply.github.com>
- Adam Jensen <adam@acj.sh>
- Adam Leskis <leskis@gmail.com>
- Adrian Catangiu <acatan@amazon.com>
- Ahmed Abouzied <ahmedaabouzied44@gmail.com>
- Akhil Mohan <akhilerm@gmail.com>
- Alakesh <alakeshh@amazon.com>
- Aleksa Sarai <cyphar@cyphar.com>
- Alex Chan <a.chan@wellcome.ac.uk>
- Alex Glikson <alex.glikson@gmail.com>
- Alexandra Iordache <aghecen@amazon.com>
- Alexandru Agache <aagch@amazon.com>
- Alexandru Branciog <branciog@amazon.com>
- Alexandru Cihodaru <cihodar@amazon.com>
- Alexandru-Cezar Sardan <alsardan@amazon.com>
- Alin Dima <alindima@amazon.com>
- Anatoli Babenia <anatoli@rainforce.org>
- Andrea Manzini <andrea.manzini@suse.com>
- Andreea Florescu <fandree@amazon.com>
- Andrei Casu-Pop <cpo@amazon.com>
- Andrei Cipu <acipu@amazon.com>
- Andrei Sandu <sandreim@amazon.com>
- Andrew Laucius <andrewla@gmail.com>
- Andrew Yao <andr3wy@gmail.com>
- Andrii Radyk <ander.ender@gmail.com>
- andros21 <andrea.ros21@murena.io>
- Angus McInnes <angus@amcinnes.info>
- Arjun Ramachandrula <avrdev77@gmail.com>
- Arun Gupta <arun.gupta@gmail.com>
- Arunav Sanyal <Khalian@users.noreply.github.com>
- Ashwin Ginoria <aginoria@amazon.com>
- Atsushi Ishibashi <atsushi.ishibashi@finatext.com>
- Aussie Schnore <aussiev123@yahoo.com>
- Austin Vazquez <macedonv@amazon.com>
- Ayato Tokubi <tokubi.ayato@gmail.com>
- Babis Chalios <bchalios@amazon.es>
- Bartosz Zbytniewski <bartosz.zbytniewski.dev@gmail.com>
- Begley Brothers Inc <begleybrothers@gmail.com>
- Ben Holmes <bencwholmes@gmail.com>
- Benjamin Fry <benjaminfry@me.com>
- bin liu <bin@hyper.sh>
- binoychitale <binoychitale@gmail.com>
- Bob Potter <bobby.potter@gmail.com>
- Bogdan Ionita <bci@amazon.com>
- Brandon Duffany <brandon@buildbuddy.io>
- Brandon Pike <bpike@amazon.com>
- Caleb Albers <7110138+CalebAlbers@users.noreply.github.com>
- Cam Mannett <camden.mannett@protonmail.ch>
- Carlos López <carlos.lopez@suse.com>
- chaos matrix <mythsphoenix@outlook.com>
- Char1ee <xingjianli59@gmail.com>
- Chinmay Kousik <chinmaykousik1@gmail.com>
- Chris Christensen <christianchristensen@gmail.com>
- Christian González <cgonzalez@opennebula.io>
- Christopher Diehl <diehl.chris24@gmail.com>
- Christos Katsakioris <ckatsak@cslab.ece.ntua.gr>
- cneira <cneirabustos@gmail.com>
- Colin Percival <cperciva@freebsd.org>
- Colton J. McCurdy <mccurdyc22@gmail.com>
- Constantin Musca <mcostin@amazon.com>
- CuriousCorrelation <curiouscorrelation@protonmail.com>
- czybjtu <smartczy@outlook.com>
- Dakshin Devanand <dakshind2005@gmail.com>
- Damien Stanton <damien.stanton@gmail.com>
- Dan Horobeanu <dhr@amazon.com>
- Dan Lemmond <d.j.lemmond@gmail.com>
- David Michael <fedora.dm0@gmail.com>
- David Nguyen <nguydavi@amazon.com>
- David Son <davbson@amazon.com>
- David Ventura <davidventura27@gmail.com>
- Deepesh Pathak <deepshpathak@gmail.com>
- defunct <defunct@defunct.io>
- Denis Andrejew <da.colonel@gmail.com>
- Derek Manwaring <derekmn@amazon.com>
- Diana Popa <dpopa@amazon.com>
- Dmitrii <dmitrii.ustiugov@epfl.ch>
- Echo-Head-Wall <101990236+Echo-Head-Wall@users.noreply.github.com>
- Eddie Cazares <Ecazares15@utexas.edu>
- Eduard Kyvenko <eduard.kyvenko@gmail.com>
- Egor Lazarchuk <yegorlz@amazon.co.uk>
- Emmanuel Ferdman <emmanuelferdman@gmail.com>
- EvanJP <evanp1999@gmail.com>
- Felipe R. Monteiro <felisous@amazon.com>
- Filippo Sironi <sironi@amazon.de>
- Fraser Pringle <fraser.pringle@gmail.com>
- Gabe Jackson <gj@mail.co.de>
- Gabriel Ionescu <gbi@amazon.com>
- Gabriel Kopper <41166074+gckopper@users.noreply.github.com>
- Garrett Squire <garrettsquire@gmail.com>
- George Pisaltu <gpl@amazon.com>
- George Siton <geosit@amazon.com>
- german gomez <germangb42@gmail.com>
- Gilad Naaman <gilad@naaman.io>
- Greg Dunn <gregdunn@amazon.com>
- Gregory Brzeski <gregory@brzeski.pl>
- Grzegorz Uriasz <gorbak25@gmail.com>
- Gudmundur Bjarni Olafsson <gudmundur.bjarni@gmail.com>
- Gulshan Kumar <kumargu@amazon.com>
- Gábor Lipták <gliptak@gmail.com>
- hacker65536 <s.hacker65536@gmail.com>
- hatf0 <harrison@0xcc.pw>
- Henri Yandell <hyandell@users.noreply.github.com>
- Hermes <hermes.espinola@gmail.com>
- Himanshu Neema <himanshun.iitkgp@gmail.com>
- HQ01 <qh384@nyu.edu>
- huang-jl <1046678590@qq.com>
- Iggy Jackson <iggy@theiggy.com>
- ihciah <ihciah@gmail.com>
- Ioana Chirca <chioana@amazon.com>
- Ishwor Gurung <me@ishworgurung.com>
- Iulian Barbu <iul@amazon.com>
- Ives van Hoorne <ives@codesandbox.io>
- Jack Thomson <jackabt@amazon.co.uk>
- jackabald <jwarchibald@wisc.edu>
- James Curtis <jxcurtis@amazon.co.uk>
- James Turnbull <james@lovedthanlost.net>
- Javier Romero <xavinux@gmail.com>
- Jeff Widman <jeff@jeffwidman.com>
- Jerome Gravel-Niquet <jeromegn@gmail.com>
- Jing Yang <k.jingyang@gmail.com>
- joaoleal <devjoaoleal1006@gmail.com>
- Joel Winarske <joel.winarske@linux.com>
- jonas serrano <jonas.corp@gmail.com>
- Jonathan Browne <12983479+JBYoshi@users.noreply.github.com>
- Jonathan Woollett-Light <jcawl@amazon.co.uk>
- Josh Abraham <sinisterpatrician@gmail.com>
- Josh McConnell <jmcconnell26@qub.ac.uk>
- Joshua Abraham <sinisterpatrician@gmail.com>
- Julian Stecklina <js@alien8.de>
- Justus Adam <justbldr@amazon.com>
- Ján Mochňak <mochja@users.noreply.github.com>
- kanpov <karpovanton729@gmail.com>
- karthik nedunchezhiyan <karthik.n@zohocorp.com>
- KarthikVelayutham <karthik.velayutham@gmail.com>
- Kazuyoshi Kato <katokazu@amazon.com>
- keyangxie <keyang.xie@gmail.com>
- Kornel <kornel@cloudflare.com>
- Krishna Kumar T <krishna.thokala2010@gmail.com>
- krk <keremkat@gmail.com>
- kumargu <kumargu@amazon.com>
- Laura Loghin <lauralg@amazon.com>
- lifupan <lifupan@gmail.com>
- Liu Jiang <gerry@linux.alibaba.com>
- Liviu Berciu <lberciu@amazon.com>
- Lloyd <lloydmeta@gmail.com>
- lloydmeta <lloydmeta@gmail.com>
- longxiangqiao <longxiangqiao@qq.com>
- Lorenzo Fontana <fontanalorenz@gmail.com>
- LOU Xun <aquarhead@ela.build>
- Lucas Zanela <me@lucaszanella.com>
- Lukas Schwerdtfeger <lukas.schwerdtfeger@gmail.com>
- Luminita Voicu <lumivo@amazon.com>
- maciejhirsz <maciej.hirsz@gmail.com>
- Malhar Vora <mlvora.2010@gmail.com>
- Manohar Castelino <manohar.r.castelino@intel.com>
- Marc Brooker <mbrooker@amazon.com>
- Marco Cali <xmarcalx@amazon.co.uk>
- Marco Vedovati <mvedovati@suse.com>
- Markus Ziller <web+github@markusziller.de>
- Masatoshi Higuchi <matt9ucci@gmail.com>
- Massimiliano Torromeo <massimiliano.torromeo@gmail.com>
- Matias Teragni <mteragni@amazon.com>
- Matt Wilson <msw@amazon.com>
- Matthew Buckingham-Bishop <matthew@morph.so>
- Matthew Schlebusch <schlebus@amazon.com>
- Max Wittek <wimax@graplsecurity.com>
- Mehrdad Arshad Rad <arshad.rad@gmail.com>
- Michael Jarrett <1077485+EmeraldShift@users.noreply.github.com>
- Michael Saah <msaah@linode.com>
- Mihai Stan <stanmihai17cs@gmail.com>
- milahu <milahu@gmail.com>
- moricho <ikeda.morito@gmail.com>
- Muki Kiboigo <muki@kiboigo.com>
- Muskaan Singla <msinglaa@amazon.com>
- Narek Galstyan <narekg@berkeley.edu>
- Nathan Hoang <nathanhoang5@gmail.com>
- Nathan Sizemore <nathanrsizemore@gmail.com>
- Nicolas Mesa <nicolasmesa@gmail.com>
- NikeNano <niklas.sven.hansson@gmail.com>
- Nikita Kalyazin <kalyazin@amazon.co.uk>
- Nikita Zakirov <zakironi@amazon.com>
- Nikolay Edigaryev <edigaryev@gmail.com>
- Noah Meyerhans <nmeyerha@amazon.com>
- not required <bertdeb@gmail.com>
- one230six <723682061@qq.com>
- Pablo Barbáchano <pablob@amazon.com>
- Patrick Roy <roypat@amazon.co.uk>
- Paweł Bęza <pawel.beza99@gmail.com>
- Peng Tao <bergwolf@gmail.com>
- Penny Zheng <penny.zheng@arm.com>
- Peter Hrvola <peter.hrvola@hotmail.com>
- Petre Eftime <epetre@amazon.com>
- Petros Angelatos <petrosagg@gmail.com>
- Piyush Jain <piyushkj@cs.utexas.edu>
- python273 <iam@python273.pw>
- Radu Iliescu <riliescu@amazon.com>
- Radu Matei Lăcraru <ral@amazon.com>
- Radu Weiss <raduweis@amazon.com>
- Ram Sripracha <ramsri@amazon.com>
- rares <raresgmihalcea@gmail.com>
- razn <rezwele@gmail.com>
- Ria <juthi_paul@utexas.edu>
- Riccardo Mancini <mancio@amazon.com>
- Richard Case <richard@weave.works>
- River Phillips <riverphillips1@gmail.com>
- Rob Devereux <robdevereux92@gmail.com>
- Robert Grimes <rmzgrimes@gmail.com>
- Rodrigue Chakode <rodrigue.chakode@continental-corporation.com>
- Rolf Neugebauer <neugebar@amazon.com>
- Ryan Russell <git@ryanrussell.org>
- Ryan Summerlin <summerlinryan@gmail.com>
- Sam Jackson <sam@clique.app>
- Samuel Knox <knoxsa@oregonstate.edu>
- Samuel Ortiz <sameo@linux.intel.com>
- ScmTble <ScmTble@qq.com>
- seafoodfry <99568361+seafoodfry@users.noreply.github.com>
- Sean Lavine <freewil@users.noreply.github.com>
- Sebastien Boeuf <sebastien.boeuf@intel.com>
- Serban Iorga <seriorga@amazon.com>
- shakram02 <ahmedhamdyau@gmail.com>
- Shen Jiale <shenjiale@baidu.com>
- Sheng-Wei (Way) Chen <waychensw@gmail.com>
- Shion Yamashita <shioyama1118@gmail.com>
- singwm <singwm@amazon.com>
- sladynnunes <snunes@usc.edu>
- Sripracha <ramsri@amazon.com>
- Stefan Nita <32079871+stefannita01@users.noreply.github.com>
- StemCll <lydjotj6f@mozmail.com>
- Steven Wirges <steven.wirges@gmail.com>
- Sudan Landge <sudanl@amazon.co.uk>
- sundar.preston.789@gmail.com <sundar.preston.789@gmail.com>
- Takahiro Itazuri <itazur@amazon.com>
- Tal Hoffman <talhof8@gmail.com>
- Tamio-Vesa Nakajima <tamiove@amazon.com>
- tidux <jon@dorsal.tk>
- Tim Bannister <tim@scalefactory.com>
- Tim Deegan <tdeegan@amazon.com>
- timvisee <tim@visee.me>
- Tobias Pfandzelter <pfandzelter@campus.tu-berlin.de>
- Tomas Valenta <valenta.and.thomas@gmail.com>
- tommady <tommady@users.noreply.github.com>
- Tomoya Iwata <iwata.tomoya@classmethod.jp>
- Trăistaru Andrei Cristian <atc@amazon.com>
- Tyler Anton <tyler@debian.anton>
- Urvil Patel <patelurvil38@gmail.com>
- Vibha Acharya <vibharya@amazon.co.uk>
- Volker Simonis <volker.simonis@gmail.com>
- Wei Yang <richard.weiyang@linux.alibaba.com>
- Weixiao Huang <hwx.simle@gmail.com>
- Wesley Norris <repnop@outlook.com>
- William Hammond <william.t.hammond@gmail.com>
- wllenyj <wllenyj@linux.alibaba.com>
- wt-l00 <ei13suke@gmail.com>
- Xiangpeng Hao <haoxiangpeng123@gmail.com>
- xibz <impactbchang@gmail.com>
- xiekeyang <keyang.xie@gmail.com>
- Ye Sijun <junnplus@gmail.com>
- Yichen Zhang <jakezhang2020@gmail.com>
- YLyu <lyuyuan92@gmail.com>
- YUAN LYU <lyuyuan92@gmail.com>
- Yuval Kohavi <yuval.kohavi@gmail.com>
- Yılmaz ŞEN <yilmazsen94@gmail.com>
- Zhenyu Qi <qzydustin@hotmail.com>
- Zi Shen Lim <zlim.lnx@gmail.com>
- Zicklag <zicklag@katharostech.com>
- Дамјан Георгиевски <gdamjan@gmail.com>
================================================
FILE: Cargo.toml
================================================
[workspace]
members = ["src/*"]
# We exclude the jailer below so that it does not get build by default. This is because "cargo build" compiles
# for the gnu target, and the jailer needs a statically compiled binary to work correctly.
# See https://github.com/firecracker-microvm/firecracker/commit/3bf285c8f8a815149923c562dd7edaffcaf10c4e
# and https://github.com/firecracker-microvm/firecracker/issues/2102
default-members = [
"src/clippy-tracing",
"src/cpu-template-helper",
"src/firecracker",
"src/rebase-snap",
"src/seccompiler",
"src/snapshot-editor",
"src/acpi-tables",
]
resolver = "2"
[workspace.lints.rust]
missing_debug_implementations = "warn"
unexpected_cfgs = { level = "warn", check-cfg = ['cfg(kani)'] }
[workspace.lints.clippy]
ptr_as_ptr = "warn"
undocumented_unsafe_blocks = "warn"
cast_possible_truncation = "warn"
cast_possible_wrap = "warn"
cast_sign_loss = "warn"
exit = "warn"
tests_outside_test_module = "warn"
assertions_on_result_states = "warn"
error_impl_error = "warn"
or_fun_call = "warn"
[profile.dev]
panic = "abort"
[profile.release]
panic = "abort"
lto = true
strip = "none"
[profile.bench]
strip = "debuginfo"
================================================
FILE: DEPRECATED.md
================================================
# Deprecated Features
The following functionality of Firecracker is deprecated, and will be removed in
a future major Firecracker release, in accordance with our
[release policy](docs/RELEASE_POLICY.md).
- \[[#2763](https://github.com/firecracker-microvm/firecracker/pull/2763)\] The
`vsock_id` body field in `PUT` requests on `/vsock`
- \[[#2980](https://github.com/firecracker-microvm/firecracker/pull/2980)\] The
`mem_file_path` body field in `PUT` requests on `/snapshot/load`
- \[[#2973](https://github.com/firecracker-microvm/firecracker/pull/2973)\]
MicroVM Metadata Service v1 (MMDSv1)
- \[[#4126](https://github.com/firecracker-microvm/firecracker/pull/4126)\]
Static CPU templates
- \[[#4209](https://github.com/firecracker-microvm/firecracker/pull/4209)\] The
`rebase-snap` tool
- \[[#4500](https://github.com/firecracker-microvm/firecracker/pull/4500)\] The
`--start-time-cpu-us` and `--start-time-us` CLI arguments
- \[[#4428](https://github.com/firecracker-microvm/firecracker/pull/4428)\]
Booting microVMs using MPTable and command line parameters for VirtIO devices.
The functionality is substituted with ACPI.
- \[[#2628](https://github.com/firecracker-microvm/firecracker/pull/2628)\] The
`--basic` parameter of `seccompiler-bin`.
- \[[#5274](https://github.com/firecracker-microvm/firecracker/pull/5274)\]: The
`enable_diff_snapshots` body field in `PUT` requests on `/snapshot/load`
================================================
FILE: FAQ.md
================================================
# Firecracker Frequently Asked Questions
## About Firecracker
### What is Firecracker?
Firecracker is an open source Virtual Machine Monitor (VMM) that enables secure,
multi-tenant, minimal-overhead execution of container and function workloads.
### Who developed Firecracker?
Firecracker was built by developers at Amazon Web Services to enable services
such as [AWS Lambda](https://aws.amazon.com/lambda/) and
[AWS Fargate](https://aws.amazon.com/fargate/) to improve resource utilization
and customer experience, while providing the security and isolation required of
public cloud infrastructure. Firecracker started from Chromium OS's Virtual
Machine Monitor, [crosvm](https://github.com/google/crosvm), an open source VMM
written in Rust. Today, crosvm and Firecracker have diverged to serve very
different customer needs. [Rust-vmm](https://github.com/rust-vmm) is an open
source community where we collaborate with the crosvm maintainers and other
groups and individuals to build and share quality Rust virtualization
components.
### Why did you develop Firecracker?
When we launched Lambda in November of 2014, we were focused on providing a
secure [serverless](https://aws.amazon.com/serverless/) experience. At launch we
used per-customer EC2 instances to provide strong security and isolation between
customers. As Lambda grew, we saw the need for technology to provide a highly
secure, flexible, and efficient runtime environment for services like Lambda and
Fargate. Using our experience building isolated EC2 instances with hardware
virtualization technology, we started an effort to build a VMM that was tailored
to integrate with container ecosystems.
### What processors does Firecracker support?
The Firecracker VMM is built to be processor agnostic. Intel, AMD and 64 bit ARM
processors are supported for production workloads.
You can find more details [here](README.md#supported-platforms).
### Can Firecracker be used within the container ecosystem?
Yes. Firecracker is integrated with
[Kata Containers](https://github.com/kata-containers/documentation/wiki/Initial-release-of-Kata-Containers-with-Firecracker-support),
[Weave FireKube](https://www.weave.works/oss/firekube/) (via
[Weave Ignite](https://github.com/weaveworks/ignite)), and containerd via
[firecracker-containerd](https://github.com/firecracker-microvm/firecracker-containerd).
We welcome contributions that enable Firecracker to integrate naturally with the
container ecosystem and provide more choices in how container workloads are
isolated.
### What is the difference between Firecracker and QEMU?
Firecracker is an
[alternative to QEMU](https://www.redhat.com/en/blog/all-you-need-know-about-kvm-userspace)
that is purpose-built for running serverless functions and containers safely and
efficiently, and nothing more. Firecracker is written in Rust, provides a
minimal required device model to the guest operating system while excluding
non-essential functionality (only 6 emulated devices are available: virtio-net,
virtio-balloon, virtio-block, virtio-vsock, serial console, and a minimal
keyboard controller used only to stop the microVM). This, along with a
streamlined kernel loading process enables a < 125 ms startup time and a < 5 MiB
memory footprint. The Firecracker process also provides a RESTful control API,
handles resource rate limiting for microVMs, and provides a microVM metadata
service to enable the sharing of configuration data between the host and guest.
### What operating systems are supported by Firecracker?
Firecracker supports Linux host and guest operating systems as well as
[OSv](http://blog.osv.io/blog/2019/04/19/making-OSv-run-on-firecraker/) guests.
Currently supported host/guest kernel versions can be found in the
[kernel support policy](docs/kernel-policy.md).
### What is the open source license for Firecracker?
Firecracker is licensed under the Apache License, version 2.0, allowing you to
freely use, copy, and distribute your changes under the terms of your choice.
[Read more about Apache 2.0](https://www.apache.org/licenses/LICENSE-2.0).
Crosvm code sections are licensed under a
[BSD-3-Clause license](https://opensource.org/licenses/BSD-3-Clause) that also
allows you to use, copy, and distribute your changes under the terms of your
choice.
### How can I contribute?
Firecracker is an AWS open source project that encourages contributions from
customers and the developer community. Any contribution is welcome as long as it
aligns with our [charter](CHARTER.md). You can learn more about how to
contribute in [CONTRIBUTING.md](CONTRIBUTING.md). You can chat with others in
the community on the
[Firecracker Slack workspace](https://firecracker-microvm.slack.com).
### How is Firecracker project governed?
The Firecracker [team at Amazon Web Services](MAINTAINERS.md) owns project
maintainer responsibilities, permissions to merge pull requests, and the ability
to create new Firecracker releases.
## Technical FAQ & Troubleshooting
### Can I emulate a different architecture in the guest than the one on the host?
Guest operating systems must be built for the same CPU architecture as the host
on which it will run. Firecracker does not support running microVMs on any
architecture other than the one the host is running on. In other words, running
an OS built for a `x86_64` on an `aarch64` system will not work, and vice versa.
### I tried using an initrd for boot but it doesn't seem to be used. Is initrd supported?
Initrds are only recently supported in Firecracker. If your release predates
issue [#228](https://github.com/firecracker-microvm/firecracker/issues/208)
being resolved, please update.
### Firecracker is not showing any output on the console.
In order to debug the issue, check the response of the `InstanceStart` API
request. Possible responses:
- **Error**: Submit a new issue with the label "Support: Failure".
- **Success**: If the boot was successful, you should get a response with 204 as
the status code.
If you have no output in the console, most likely you will have to update the
kernel command line. By default, Firecracker starts with the serial console
disabled for boot time performance reasons.
Example of a kernel valid command line that enables the serial console (which
goes in the `boot_args` field of the `/boot-source` Firecracker API resource):
```console
console=ttyS0 reboot=k panic=1 nomodule
```
### How can I configure multiple Ethernet devices through the kernel command line?
The `ip=` boot param in the linux kernel only actually supports configuring a
single interface. Multiple interfaces can be set up in Firecracker using the
API, but guest IP configuration at boot time through boot arguments can only be
done for a single interface.
### My guest wall-clock is drifting, how can I fix it?
The canonical solution is to use NTP in your guests.
However, if you want to run Firecracker at scale, we suggest using a PTP
emulated device as the guest's NTP time source so as to minimize network traffic
and resource overhead. With this solution the guests will constantly update time
to stay in sync with host wall-clock. They do so using cheap para-virtualized
calls into kvm ptp instead of actual network NTP traffic.
To be able to do this you need to have a guest kernel compiled with `KVM_PTP`
support:
```console
CONFIG_PTP_1588_CLOCK=y
CONFIG_PTP_1588_CLOCK_KVM=y
```
Our [recommended x86_64 guest kernel config](resources/guest_configs) already
has these included.
Now `/dev/ptp0` should be available in the guest. Next you need to configure
`/dev/ptp0` as a NTP time source.
For example when using `chrony`:
1. Add `refclock PHC /dev/ptp0 poll 3 dpoll -2 offset 0` to the chrony conf file
(`/etc/chrony/chrony.conf`)
1. Restart the `chrony` daemon.
You can see more info about the `refclock` parameters
[here](https://chrony-project.org/doc/3.4/chrony.conf.html#refclock). Adjust
them according to your needs.
### Each Firecracker opens 20+ file descriptors. Is this an issue?
The relatively high FD usage is expected and correct. Firecracker heavily relies
on event file descriptors to drive device emulation.
### How can I gracefully reboot the guest? How can I gracefully poweroff the guest?
Regardless of architecture, Firecracker does not currently support guest reboot.
On **ARM**, issuing either `poweroff` or `reboot` inside a Linux guest results
in a graceful system shutdown and the termination of the Firecracker process.
This works because KVM emulates the PSCI interface for power management and
notifies Firecracker when the guest tries to change the power state of the
virtual machine.
On **x86**, Firecracker does not virtualize power management (e.g. there is no
ACPI PM support). Consequently:
- `poweroff`: This will shut down the guest OS, but because the guest has no way
of requesting a power-off, the Firecracker process will remain alive.
- `reboot`: Running reboot will successfully terminate the Firecracker process
if the guest is booted with `reboot=k` in the kernel command line. This option
instructs Linux to reset the CPU(s) via the i8042 (keyboard controller) reset
line when rebooting. Firecracker, which emulates the i8042 controller,
intercepts the reset command and terminates the process.
- API Command: Issuing a `SendCtrlAltDel` action via the Firecracker API injects
a `Ctrl+Alt+Del` keyboard sequence into the guest. Depending on the guest
configuration (see ctrl-alt-del.target on systemd systems), this typically
triggers the same reboot behavior described above.
### How can I create my own rootfs or kernel images?
Check out our
[rootfs and kernel image creation guide](docs/rootfs-and-kernel-setup.md).
### We are seeing page allocation failures from Firecracker in the `dmesg` output.
If you see errors like ...
```console
[<TIMESTAMP>] fc_vmm: page allocation failure: order:6, mode:0x140c0c0
(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), nodemask=(null)
[<TIMESTAMP>] fc_vmm cpuset=<GUID> mems_allowed=0
```
... then your host is running out of memory. KVM is attempting to do an
allocation of 2^`order` bytes (in this case, 6) and there aren't sufficient
contiguous pages.
Possible mitigations are:
- Reduce memory pressure on the host.
- Maybe the host has memory but it's too fragmented for the kernel to use. The
allocation above of order 6 means the kernel could not find 2^6
**consecutive** pages. One way to mitigate memory fragmentation is to
[set a higher value](https://linuxhint.com/vm_min_free_kbytes_sysctl/) for
`vm.min_free_kbytes`
- Or investigate other
[mitigations](https://savvinov.com/2019/10/14/memory-fragmentation-the-silent-performance-killer/)
### How can I configure and start a microVM without sending API calls?
Passing an optional command line parameter, `--config-file`, to the Firecracker
process allows this type of configuration. This parameter must be the path to a
file that contains the JSON specification that will be used to configure and
start the microVM. One example of such file can be found at
`tests/framework/vm_config.json`.
### Firecracker fails to start and returns an Out of Memory error
If the Firecracker process exits with `12` exit code (`Out of memory` error),
the root cause is that there is not enough memory on the host to be used by the
Firecracker microVM.
If the microVM was not configured in terms of memory size through an API
request, the host needs to meet the minimum requirement in terms of free memory
size, namely 128 MB of free memory which the microVM defaults to.
This may be related to "We are seeing page allocation failures ..." above. To
validate, run this:
```sh
sudo dmesg | grep "page allocation failure"
```
### Firecracker fails to start and returns "Resource busy" error
If another hypervisor like VMware or VirtualBox is running on the host and locks
`/dev/kvm`, Firecracker process will fail to start with "Resource busy" error.
This issue can be resolved by terminating the other hypervisor running on the
host, and allowing Firecracker to start.
================================================
FILE: LICENSE
================================================
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the Lice
gitextract_tj40a4a3/
├── .buildkite/
│ ├── common.py
│ ├── pipeline_coverage.py
│ ├── pipeline_cpu_template.py
│ ├── pipeline_cross.py
│ ├── pipeline_docker_popular.py
│ ├── pipeline_perf.py
│ ├── pipeline_pr.py
│ ├── pipeline_pr_no_block.py
│ └── pipeline_release_qa.py
├── .cargo/
│ ├── audit.toml
│ └── config.toml
├── .dockerignore
├── .git-blame-ignore-revs
├── .github/
│ ├── CODEOWNERS
│ ├── ISSUE_TEMPLATE/
│ │ ├── bug_report.md
│ │ └── feature_request.md
│ ├── codecov.yml
│ ├── dependabot.yml
│ ├── pull_request_template.md
│ └── workflows/
│ ├── deny_dirty_cargo_locks.yml
│ ├── dependency_modification_check.yml
│ ├── monitor_libseccomp_releases.yml
│ ├── send_pr_notification.yml
│ ├── send_release_notification.yml
│ └── trigger_ab_tests.yml
├── .gitignore
├── .gitlint
├── .mailmap
├── .mdformat.toml
├── .python-version
├── CHANGELOG.md
├── CHARTER.md
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── CREDITS.md
├── Cargo.toml
├── DEPRECATED.md
├── FAQ.md
├── LICENSE
├── MAINTAINERS.md
├── NOTICE
├── PGP-KEY.asc
├── README.md
├── SECURITY.md
├── SPECIFICATION.md
├── THIRD-PARTY
├── deny.toml
├── docs/
│ ├── RELEASE_POLICY.md
│ ├── api-change-runbook.md
│ ├── api_requests/
│ │ ├── actions.md
│ │ ├── block-caching.md
│ │ ├── block-io-engine.md
│ │ ├── block-vhost-user.md
│ │ ├── patch-block.md
│ │ └── patch-network-interface.md
│ ├── ballooning.md
│ ├── cpu_templates/
│ │ ├── boot-protocol.md
│ │ ├── cpu-template-helper.md
│ │ ├── cpu-templates.md
│ │ ├── cpuid-normalization.md
│ │ └── schema.json
│ ├── design.md
│ ├── dev-machine-setup.md
│ ├── device-api.md
│ ├── entropy.md
│ ├── formal-verification.md
│ ├── gdb-debugging.md
│ ├── getting-started.md
│ ├── hugepages.md
│ ├── images/
│ │ └── vsock-connections.drawio
│ ├── initrd.md
│ ├── jailer.md
│ ├── kernel-policy.md
│ ├── logger.md
│ ├── memory-hotplug.md
│ ├── metrics.md
│ ├── mmds/
│ │ ├── mmds-design.md
│ │ └── mmds-user-guide.md
│ ├── network-performance.md
│ ├── network-setup.md
│ ├── pmem.md
│ ├── prod-host-setup.md
│ ├── pvh.md
│ ├── rootfs-and-kernel-setup.md
│ ├── seccomp.md
│ ├── seccompiler.md
│ ├── snapshotting/
│ │ ├── handling-page-faults-on-snapshot-resume.md
│ │ ├── network-for-clones.md
│ │ ├── random-for-clones.md
│ │ ├── snapshot-editor.md
│ │ ├── snapshot-support.md
│ │ └── versioning.md
│ ├── tracing.md
│ └── vsock.md
├── resources/
│ ├── chroot.sh
│ ├── guest_configs/
│ │ ├── DISCLAIMER.md
│ │ ├── ci.config
│ │ ├── debug.config
│ │ ├── ftrace.config
│ │ ├── microvm-kernel-ci-aarch64-5.10.config
│ │ ├── microvm-kernel-ci-aarch64-6.1.config
│ │ ├── microvm-kernel-ci-x86_64-5.10-no-acpi.config
│ │ ├── microvm-kernel-ci-x86_64-5.10.config
│ │ ├── microvm-kernel-ci-x86_64-6.1.config
│ │ ├── pcie.config
│ │ ├── virtio-mem.config
│ │ ├── virtio-pmem.config
│ │ └── vmclock.config
│ ├── overlay/
│ │ ├── etc/
│ │ │ └── systemd/
│ │ │ └── system/
│ │ │ ├── fcnet.service
│ │ │ └── var-lib-systemd.mount
│ │ └── usr/
│ │ └── local/
│ │ └── bin/
│ │ ├── devmemread.c
│ │ ├── fast_page_fault_helper.c
│ │ ├── fcnet-setup.sh
│ │ ├── fillmem.c
│ │ ├── go_sdk_cred_provider.go/
│ │ │ └── main.go
│ │ ├── go_sdk_cred_provider_with_custom_endpoint.go/
│ │ │ └── main.go
│ │ ├── init.c
│ │ └── readmem.c
│ ├── patches/
│ │ └── vmclock/
│ │ ├── 5.10/
│ │ │ ├── 0001-ptp-vmclock-add-vm-generation-counter.patch
│ │ │ ├── 0002-ptp-vmclock-support-device-notifications.patch
│ │ │ ├── 0003-dt-bindings-ptp-Add-amazon-vmclock.patch
│ │ │ ├── 0004-ptp-ptp_vmclock-Add-device-tree-support.patch
│ │ │ ├── 0005-ptp-ptp_vmclock-add-VMCLOCK-to-ACPI-device-match.patch
│ │ │ ├── 0006-ptp-ptp_vmclock-remove-dependency-on-CONFIG_ACPI.patch
│ │ │ └── 0007-ptp-ptp_vmclock-return-TAI-not-UTC.patch
│ │ └── 6.1/
│ │ ├── 0001-ptp-vmclock-add-vm-generation-counter.patch
│ │ ├── 0002-ptp-vmclock-support-device-notifications.patch
│ │ ├── 0003-dt-bindings-ptp-Add-amazon-vmclock.patch
│ │ ├── 0004-ptp-ptp_vmclock-Add-device-tree-support.patch
│ │ ├── 0005-ptp-ptp_vmclock-add-VMCLOCK-to-ACPI-device-match.patch
│ │ ├── 0006-ptp-ptp_vmclock-remove-dependency-on-CONFIG_ACPI.patch
│ │ └── 0007-ptp-ptp_vmclock-return-TAI-not-UTC.patch
│ ├── rebuild.sh
│ └── seccomp/
│ ├── aarch64-unknown-linux-musl.json
│ ├── unimplemented.json
│ └── x86_64-unknown-linux-musl.json
├── rust-toolchain.toml
├── rustfmt.toml
├── src/
│ ├── acpi-tables/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ ├── aml.rs
│ │ ├── dsdt.rs
│ │ ├── fadt.rs
│ │ ├── lib.rs
│ │ ├── madt.rs
│ │ ├── mcfg.rs
│ │ ├── rsdp.rs
│ │ └── xsdt.rs
│ ├── clippy-tracing/
│ │ ├── Cargo.toml
│ │ ├── README.md
│ │ ├── src/
│ │ │ └── main.rs
│ │ └── tests/
│ │ └── integration_tests.rs
│ ├── cpu-template-helper/
│ │ ├── Cargo.toml
│ │ ├── build.rs
│ │ └── src/
│ │ ├── fingerprint/
│ │ │ ├── compare.rs
│ │ │ ├── dump.rs
│ │ │ └── mod.rs
│ │ ├── main.rs
│ │ ├── template/
│ │ │ ├── dump/
│ │ │ │ ├── aarch64.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── x86_64.rs
│ │ │ ├── mod.rs
│ │ │ ├── strip/
│ │ │ │ ├── aarch64.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── x86_64.rs
│ │ │ └── verify/
│ │ │ ├── aarch64.rs
│ │ │ ├── mod.rs
│ │ │ └── x86_64.rs
│ │ └── utils/
│ │ ├── aarch64.rs
│ │ ├── mock_kernel/
│ │ │ └── main.c
│ │ ├── mod.rs
│ │ └── x86_64.rs
│ ├── firecracker/
│ │ ├── Cargo.toml
│ │ ├── build.rs
│ │ ├── examples/
│ │ │ ├── README.md
│ │ │ ├── seccomp/
│ │ │ │ ├── harmless.rs
│ │ │ │ ├── jailer.rs
│ │ │ │ ├── malicious.rs
│ │ │ │ └── panic.rs
│ │ │ └── uffd/
│ │ │ ├── fault_all_handler.rs
│ │ │ ├── malicious_handler.rs
│ │ │ ├── on_demand_handler.rs
│ │ │ └── uffd_utils.rs
│ │ ├── src/
│ │ │ ├── api_server/
│ │ │ │ ├── mod.rs
│ │ │ │ ├── parsed_request.rs
│ │ │ │ └── request/
│ │ │ │ ├── actions.rs
│ │ │ │ ├── balloon.rs
│ │ │ │ ├── boot_source.rs
│ │ │ │ ├── cpu_configuration.rs
│ │ │ │ ├── drive.rs
│ │ │ │ ├── entropy.rs
│ │ │ │ ├── hotplug/
│ │ │ │ │ ├── memory.rs
│ │ │ │ │ └── mod.rs
│ │ │ │ ├── instance_info.rs
│ │ │ │ ├── logger.rs
│ │ │ │ ├── machine_configuration.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mmds.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── net.rs
│ │ │ │ ├── pmem.rs
│ │ │ │ ├── serial.rs
│ │ │ │ ├── snapshot.rs
│ │ │ │ ├── version.rs
│ │ │ │ └── vsock.rs
│ │ │ ├── api_server_adapter.rs
│ │ │ ├── generated/
│ │ │ │ ├── mod.rs
│ │ │ │ └── prctl.rs
│ │ │ ├── lib.rs
│ │ │ ├── main.rs
│ │ │ ├── metrics.rs
│ │ │ └── seccomp.rs
│ │ ├── swagger/
│ │ │ └── firecracker.yaml
│ │ └── tests/
│ │ └── verify_dependencies.rs
│ ├── jailer/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ ├── cgroup.rs
│ │ ├── chroot.rs
│ │ ├── env.rs
│ │ ├── main.rs
│ │ └── resource_limits.rs
│ ├── log-instrument/
│ │ ├── Cargo.toml
│ │ ├── README.md
│ │ ├── examples/
│ │ │ ├── five.rs
│ │ │ ├── four.rs
│ │ │ ├── one.rs
│ │ │ ├── six.rs
│ │ │ ├── three.rs
│ │ │ └── two.rs
│ │ └── src/
│ │ └── lib.rs
│ ├── log-instrument-macros/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ └── lib.rs
│ ├── pci/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ └── lib.rs
│ ├── rebase-snap/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ └── main.rs
│ ├── seccompiler/
│ │ ├── Cargo.toml
│ │ ├── build.rs
│ │ └── src/
│ │ ├── bin.rs
│ │ ├── bindings.rs
│ │ ├── lib.rs
│ │ └── types.rs
│ ├── snapshot-editor/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ ├── edit_memory.rs
│ │ ├── edit_vmstate.rs
│ │ ├── info.rs
│ │ ├── main.rs
│ │ └── utils.rs
│ ├── utils/
│ │ ├── Cargo.toml
│ │ └── src/
│ │ ├── arg_parser.rs
│ │ ├── lib.rs
│ │ ├── time.rs
│ │ └── validators.rs
│ └── vmm/
│ ├── Cargo.toml
│ ├── benches/
│ │ ├── block_request.rs
│ │ ├── cpu_templates.rs
│ │ ├── memory_access.rs
│ │ └── queue.rs
│ ├── src/
│ │ ├── acpi/
│ │ │ ├── mod.rs
│ │ │ └── x86_64.rs
│ │ ├── arch/
│ │ │ ├── aarch64/
│ │ │ │ ├── cache_info.rs
│ │ │ │ ├── fdt.rs
│ │ │ │ ├── gic/
│ │ │ │ │ ├── gicv2/
│ │ │ │ │ │ ├── mod.rs
│ │ │ │ │ │ └── regs/
│ │ │ │ │ │ ├── dist_regs.rs
│ │ │ │ │ │ ├── icc_regs.rs
│ │ │ │ │ │ └── mod.rs
│ │ │ │ │ ├── gicv3/
│ │ │ │ │ │ ├── mod.rs
│ │ │ │ │ │ └── regs/
│ │ │ │ │ │ ├── dist_regs.rs
│ │ │ │ │ │ ├── icc_regs.rs
│ │ │ │ │ │ ├── its_regs.rs
│ │ │ │ │ │ ├── mod.rs
│ │ │ │ │ │ └── redist_regs.rs
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── regs.rs
│ │ │ │ ├── kvm.rs
│ │ │ │ ├── layout.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── output_GICv2.dtb
│ │ │ │ ├── output_GICv3.dtb
│ │ │ │ ├── output_initrd_GICv2.dtb
│ │ │ │ ├── output_initrd_GICv3.dtb
│ │ │ │ ├── regs.rs
│ │ │ │ ├── vcpu.rs
│ │ │ │ └── vm.rs
│ │ │ ├── mod.rs
│ │ │ └── x86_64/
│ │ │ ├── cpu_model.rs
│ │ │ ├── gdt.rs
│ │ │ ├── generated/
│ │ │ │ ├── arch_prctl.rs
│ │ │ │ ├── hyperv.rs
│ │ │ │ ├── hyperv_tlfs.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── mpspec.rs
│ │ │ │ ├── msr_index.rs
│ │ │ │ └── perf_event.rs
│ │ │ ├── interrupts.rs
│ │ │ ├── kvm.rs
│ │ │ ├── layout.rs
│ │ │ ├── mod.rs
│ │ │ ├── mptable.rs
│ │ │ ├── msr.rs
│ │ │ ├── regs.rs
│ │ │ ├── vcpu.rs
│ │ │ ├── vm.rs
│ │ │ └── xstate.rs
│ │ ├── builder.rs
│ │ ├── cpu_config/
│ │ │ ├── aarch64/
│ │ │ │ ├── custom_cpu_template.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── static_cpu_templates/
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── v1n1.rs
│ │ │ │ └── test_utils.rs
│ │ │ ├── mod.rs
│ │ │ ├── templates.rs
│ │ │ ├── templates_serde.rs
│ │ │ ├── test_utils.rs
│ │ │ └── x86_64/
│ │ │ ├── cpuid/
│ │ │ │ ├── amd/
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── normalize.rs
│ │ │ │ ├── common.rs
│ │ │ │ ├── intel/
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── normalize.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── normalize.rs
│ │ │ ├── custom_cpu_template.rs
│ │ │ ├── mod.rs
│ │ │ ├── static_cpu_templates/
│ │ │ │ ├── c3.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── t2.rs
│ │ │ │ ├── t2a.rs
│ │ │ │ ├── t2cl.rs
│ │ │ │ └── t2s.rs
│ │ │ └── test_utils.rs
│ │ ├── device_manager/
│ │ │ ├── acpi.rs
│ │ │ ├── legacy.rs
│ │ │ ├── mmio.rs
│ │ │ ├── mod.rs
│ │ │ ├── pci_mngr.rs
│ │ │ └── persist.rs
│ │ ├── devices/
│ │ │ ├── acpi/
│ │ │ │ ├── generated/
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── vmclock_abi.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── vmclock.rs
│ │ │ │ └── vmgenid.rs
│ │ │ ├── legacy/
│ │ │ │ ├── i8042.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── rtc_pl031.rs
│ │ │ │ └── serial.rs
│ │ │ ├── mod.rs
│ │ │ ├── pci/
│ │ │ │ ├── mod.rs
│ │ │ │ └── pci_segment.rs
│ │ │ ├── pseudo/
│ │ │ │ ├── boot_timer.rs
│ │ │ │ └── mod.rs
│ │ │ └── virtio/
│ │ │ ├── balloon/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── persist.rs
│ │ │ │ ├── test_utils.rs
│ │ │ │ └── util.rs
│ │ │ ├── block/
│ │ │ │ ├── device.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── persist.rs
│ │ │ │ ├── vhost_user/
│ │ │ │ │ ├── device.rs
│ │ │ │ │ ├── event_handler.rs
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── persist.rs
│ │ │ │ └── virtio/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── io/
│ │ │ │ │ ├── async_io.rs
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── sync_io.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── persist.rs
│ │ │ │ ├── request.rs
│ │ │ │ └── test_utils.rs
│ │ │ ├── device.rs
│ │ │ ├── generated/
│ │ │ │ ├── mod.rs
│ │ │ │ ├── virtio_blk.rs
│ │ │ │ ├── virtio_config.rs
│ │ │ │ ├── virtio_ids.rs
│ │ │ │ ├── virtio_mem.rs
│ │ │ │ ├── virtio_net.rs
│ │ │ │ └── virtio_ring.rs
│ │ │ ├── iov_deque.rs
│ │ │ ├── iovec.rs
│ │ │ ├── mem/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── persist.rs
│ │ │ │ └── request.rs
│ │ │ ├── mod.rs
│ │ │ ├── net/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── generated/
│ │ │ │ │ ├── if_tun.rs
│ │ │ │ │ ├── iff.rs
│ │ │ │ │ ├── mod.rs
│ │ │ │ │ └── sockios.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ ├── persist.rs
│ │ │ │ ├── tap.rs
│ │ │ │ └── test_utils.rs
│ │ │ ├── persist.rs
│ │ │ ├── pmem/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── persist.rs
│ │ │ ├── queue.rs
│ │ │ ├── rng/
│ │ │ │ ├── device.rs
│ │ │ │ ├── event_handler.rs
│ │ │ │ ├── metrics.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── persist.rs
│ │ │ ├── test_utils.rs
│ │ │ ├── transport/
│ │ │ │ ├── mmio.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── pci/
│ │ │ │ ├── common_config.rs
│ │ │ │ ├── device.rs
│ │ │ │ └── mod.rs
│ │ │ ├── vhost_user.rs
│ │ │ ├── vhost_user_metrics.rs
│ │ │ └── vsock/
│ │ │ ├── csm/
│ │ │ │ ├── connection.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── txbuf.rs
│ │ │ ├── device.rs
│ │ │ ├── event_handler.rs
│ │ │ ├── metrics.rs
│ │ │ ├── mod.rs
│ │ │ ├── packet.rs
│ │ │ ├── persist.rs
│ │ │ ├── test_utils.rs
│ │ │ └── unix/
│ │ │ ├── mod.rs
│ │ │ ├── muxer.rs
│ │ │ ├── muxer_killq.rs
│ │ │ └── muxer_rxq.rs
│ │ ├── dumbo/
│ │ │ ├── mod.rs
│ │ │ ├── pdu/
│ │ │ │ ├── arp.rs
│ │ │ │ ├── bytes.rs
│ │ │ │ ├── ethernet.rs
│ │ │ │ ├── ipv4.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── tcp.rs
│ │ │ └── tcp/
│ │ │ ├── connection.rs
│ │ │ ├── endpoint.rs
│ │ │ ├── handler.rs
│ │ │ └── mod.rs
│ │ ├── gdb/
│ │ │ ├── arch/
│ │ │ │ ├── aarch64.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── x86.rs
│ │ │ ├── event_loop.rs
│ │ │ ├── mod.rs
│ │ │ └── target.rs
│ │ ├── initrd.rs
│ │ ├── io_uring/
│ │ │ ├── generated.rs
│ │ │ ├── mod.rs
│ │ │ ├── operation/
│ │ │ │ ├── cqe.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── sqe.rs
│ │ │ ├── probe.rs
│ │ │ ├── queue/
│ │ │ │ ├── completion.rs
│ │ │ │ ├── mmap.rs
│ │ │ │ ├── mod.rs
│ │ │ │ └── submission.rs
│ │ │ └── restriction.rs
│ │ ├── lib.rs
│ │ ├── logger/
│ │ │ ├── logging.rs
│ │ │ ├── metrics.rs
│ │ │ └── mod.rs
│ │ ├── mmds/
│ │ │ ├── data_store.rs
│ │ │ ├── mod.rs
│ │ │ ├── ns.rs
│ │ │ ├── persist.rs
│ │ │ ├── token.rs
│ │ │ └── token_headers.rs
│ │ ├── pci/
│ │ │ ├── bus.rs
│ │ │ ├── configuration.rs
│ │ │ ├── mod.rs
│ │ │ └── msix.rs
│ │ ├── persist.rs
│ │ ├── rate_limiter/
│ │ │ ├── mod.rs
│ │ │ └── persist.rs
│ │ ├── resources.rs
│ │ ├── rpc_interface.rs
│ │ ├── seccomp.rs
│ │ ├── signal_handler.rs
│ │ ├── snapshot/
│ │ │ ├── crc.rs
│ │ │ ├── mod.rs
│ │ │ └── persist.rs
│ │ ├── test_utils/
│ │ │ ├── mock_resources/
│ │ │ │ ├── dirtying_init.tgz
│ │ │ │ ├── make_noisy_kernel.sh
│ │ │ │ └── mod.rs
│ │ │ └── mod.rs
│ │ ├── utils/
│ │ │ ├── byte_order.rs
│ │ │ ├── mod.rs
│ │ │ ├── net/
│ │ │ │ ├── ipv4addr.rs
│ │ │ │ ├── mac.rs
│ │ │ │ └── mod.rs
│ │ │ ├── signal.rs
│ │ │ └── sm.rs
│ │ ├── vmm_config/
│ │ │ ├── balloon.rs
│ │ │ ├── boot_source.rs
│ │ │ ├── drive.rs
│ │ │ ├── entropy.rs
│ │ │ ├── instance_info.rs
│ │ │ ├── machine_config.rs
│ │ │ ├── memory_hotplug.rs
│ │ │ ├── metrics.rs
│ │ │ ├── mmds.rs
│ │ │ ├── mod.rs
│ │ │ ├── net.rs
│ │ │ ├── pmem.rs
│ │ │ ├── serial.rs
│ │ │ ├── snapshot.rs
│ │ │ └── vsock.rs
│ │ └── vstate/
│ │ ├── bus.rs
│ │ ├── interrupts.rs
│ │ ├── kvm.rs
│ │ ├── memory.rs
│ │ ├── mod.rs
│ │ ├── resources.rs
│ │ ├── vcpu.rs
│ │ └── vm.rs
│ └── tests/
│ ├── devices.rs
│ ├── integration_tests.rs
│ └── io_uring.rs
├── tests/
│ ├── README.md
│ ├── conftest.py
│ ├── data/
│ │ ├── cpu_template_helper/
│ │ │ ├── fingerprint_AMD_GENOA_5.10host.json
│ │ │ ├── fingerprint_AMD_GENOA_6.1host.json
│ │ │ ├── fingerprint_AMD_MILAN_5.10host.json
│ │ │ ├── fingerprint_AMD_MILAN_6.1host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_N1_5.10host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_N1_6.1host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_V1_5.10host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_V1_6.1host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_V2_5.10host.json
│ │ │ ├── fingerprint_ARM_NEOVERSE_V2_6.1host.json
│ │ │ ├── fingerprint_INTEL_CASCADELAKE_5.10host.json
│ │ │ ├── fingerprint_INTEL_CASCADELAKE_6.1host.json
│ │ │ ├── fingerprint_INTEL_GRANITE_RAPIDS_5.10host.json
│ │ │ ├── fingerprint_INTEL_GRANITE_RAPIDS_6.1host.json
│ │ │ ├── fingerprint_INTEL_ICELAKE_5.10host.json
│ │ │ ├── fingerprint_INTEL_ICELAKE_6.1host.json
│ │ │ ├── fingerprint_INTEL_SAPPHIRE_RAPIDS_5.10host.json
│ │ │ └── fingerprint_INTEL_SAPPHIRE_RAPIDS_6.1host.json
│ │ ├── custom_cpu_templates/
│ │ │ ├── AARCH64_WITH_SVE_AND_PAC.json
│ │ │ ├── C3.json
│ │ │ ├── GNR_TO_T2_5.10.json
│ │ │ ├── GNR_TO_T2_6.1.json
│ │ │ ├── SPR_TO_T2_5.10.json
│ │ │ ├── SPR_TO_T2_6.1.json
│ │ │ ├── T2.json
│ │ │ ├── T2A.json
│ │ │ ├── T2CL.json
│ │ │ ├── T2S.json
│ │ │ └── V1N1.json
│ │ ├── metadata.json
│ │ ├── metadata_invalid.json
│ │ └── msr/
│ │ ├── msr_list_GNR_TO_T2_5.10_INTEL_GRANITE_RAPIDS_5.10host_5.10guest.csv
│ │ ├── msr_list_GNR_TO_T2_5.10_INTEL_GRANITE_RAPIDS_5.10host_6.1guest.csv
│ │ ├── msr_list_GNR_TO_T2_6.1_INTEL_GRANITE_RAPIDS_6.1host_5.10guest.csv
│ │ ├── msr_list_GNR_TO_T2_6.1_INTEL_GRANITE_RAPIDS_6.1host_6.1guest.csv
│ │ ├── msr_list_SPR_TO_T2_5.10_INTEL_SAPPHIRE_RAPIDS_5.10host_5.10guest.csv
│ │ ├── msr_list_SPR_TO_T2_5.10_INTEL_SAPPHIRE_RAPIDS_5.10host_6.1guest.csv
│ │ ├── msr_list_SPR_TO_T2_6.1_INTEL_SAPPHIRE_RAPIDS_6.1host_5.10guest.csv
│ │ ├── msr_list_SPR_TO_T2_6.1_INTEL_SAPPHIRE_RAPIDS_6.1host_6.1guest.csv
│ │ ├── msr_list_T2A_AMD_MILAN_5.10host_5.10guest.csv
│ │ ├── msr_list_T2A_AMD_MILAN_5.10host_6.1guest.csv
│ │ ├── msr_list_T2A_AMD_MILAN_6.1host_5.10guest.csv
│ │ ├── msr_list_T2A_AMD_MILAN_6.1host_6.1guest.csv
│ │ ├── msr_list_T2CL_INTEL_CASCADELAKE_5.10host_5.10guest.csv
│ │ ├── msr_list_T2CL_INTEL_CASCADELAKE_5.10host_6.1guest.csv
│ │ ├── msr_list_T2CL_INTEL_CASCADELAKE_6.1host_5.10guest.csv
│ │ ├── msr_list_T2CL_INTEL_CASCADELAKE_6.1host_6.1guest.csv
│ │ ├── msr_list_T2CL_INTEL_ICELAKE_5.10host_5.10guest.csv
│ │ ├── msr_list_T2CL_INTEL_ICELAKE_5.10host_6.1guest.csv
│ │ ├── msr_list_T2CL_INTEL_ICELAKE_6.1host_5.10guest.csv
│ │ ├── msr_list_T2CL_INTEL_ICELAKE_6.1host_6.1guest.csv
│ │ ├── msr_list_T2S_INTEL_CASCADELAKE_5.10host_5.10guest.csv
│ │ ├── msr_list_T2S_INTEL_CASCADELAKE_5.10host_6.1guest.csv
│ │ ├── msr_list_T2S_INTEL_CASCADELAKE_6.1host_5.10guest.csv
│ │ ├── msr_list_T2S_INTEL_CASCADELAKE_6.1host_6.1guest.csv
│ │ ├── msr_reader.c
│ │ ├── msr_writer.sh
│ │ └── wrmsr_list.txt
│ ├── framework/
│ │ ├── __init__.py
│ │ ├── ab_test.py
│ │ ├── artifacts.py
│ │ ├── defs.py
│ │ ├── gitlint_rules.py
│ │ ├── guest_stats.py
│ │ ├── http_api.py
│ │ ├── jailer.py
│ │ ├── microvm.py
│ │ ├── microvm_helpers.py
│ │ ├── properties.py
│ │ ├── static_analysis.py
│ │ ├── swagger_validator.py
│ │ ├── utils.py
│ │ ├── utils_cpu_templates.py
│ │ ├── utils_cpuid.py
│ │ ├── utils_drive.py
│ │ ├── utils_fio.py
│ │ ├── utils_ftrace.py
│ │ ├── utils_imdsv2.py
│ │ ├── utils_iperf.py
│ │ ├── utils_repo.py
│ │ ├── utils_uffd.py
│ │ ├── utils_vsock.py
│ │ ├── vm_config.json
│ │ ├── vm_config_cpu_template_C3.json
│ │ ├── vm_config_missing_mem_size_mib.json
│ │ ├── vm_config_missing_vcpu_count.json
│ │ ├── vm_config_network.json
│ │ ├── vm_config_smt_true.json
│ │ ├── vm_config_with_mmdsv1.json
│ │ ├── vm_config_with_mmdsv2.json
│ │ └── with_filelock.py
│ ├── host_tools/
│ │ ├── __init__.py
│ │ ├── cargo_build.py
│ │ ├── change_net_config_space.c
│ │ ├── cpu_load.py
│ │ ├── drive.py
│ │ ├── fcmetrics.py
│ │ ├── jailer_time.c
│ │ ├── memory.py
│ │ ├── metrics.py
│ │ ├── network.py
│ │ ├── proc.py
│ │ ├── test_syscalls.c
│ │ ├── udp_offload.py
│ │ ├── vmclock-abi.h
│ │ ├── vmclock.c
│ │ ├── vsock_helper.c
│ │ └── waitpkg.c
│ ├── integration_tests/
│ │ ├── build/
│ │ │ ├── __init__.py
│ │ │ ├── test_clippy.py
│ │ │ ├── test_coverage.py
│ │ │ ├── test_dependencies.py
│ │ │ ├── test_gdb.py
│ │ │ ├── test_seccomp_no_redundant_rules.py
│ │ │ └── test_unittests.py
│ │ ├── functional/
│ │ │ ├── __init__.py
│ │ │ ├── test_api.py
│ │ │ ├── test_api_server.py
│ │ │ ├── test_balloon.py
│ │ │ ├── test_binary.py
│ │ │ ├── test_binary_size.py
│ │ │ ├── test_cmd_line_parameters.py
│ │ │ ├── test_cmd_line_start.py
│ │ │ ├── test_concurrency.py
│ │ │ ├── test_cpu_all.py
│ │ │ ├── test_cpu_features_aarch64.py
│ │ │ ├── test_cpu_features_host_vs_guest.py
│ │ │ ├── test_cpu_features_x86_64.py
│ │ │ ├── test_cpu_template_helper.py
│ │ │ ├── test_dirty_pages_in_full_snapshot.py
│ │ │ ├── test_drive_vhost_user.py
│ │ │ ├── test_drive_virtio.py
│ │ │ ├── test_error_code.py
│ │ │ ├── test_feat_parity.py
│ │ │ ├── test_gdb.py
│ │ │ ├── test_instrumented_firecracker.py
│ │ │ ├── test_kernel_cmdline.py
│ │ │ ├── test_kvm_ptp.py
│ │ │ ├── test_log_instrument.py
│ │ │ ├── test_logging.py
│ │ │ ├── test_max_devices.py
│ │ │ ├── test_metrics.py
│ │ │ ├── test_mmds.py
│ │ │ ├── test_net.py
│ │ │ ├── test_net_config_space.py
│ │ │ ├── test_pause_resume.py
│ │ │ ├── test_pci.py
│ │ │ ├── test_pmem.py
│ │ │ ├── test_pvtime.py
│ │ │ ├── test_rng.py
│ │ │ ├── test_rtc.py
│ │ │ ├── test_serial_io.py
│ │ │ ├── test_shut_down.py
│ │ │ ├── test_signals.py
│ │ │ ├── test_snapshot_basic.py
│ │ │ ├── test_snapshot_editor.py
│ │ │ ├── test_snapshot_not_losing_dirty_pages.py
│ │ │ ├── test_snapshot_phase1.py
│ │ │ ├── test_snapshot_restore_cross_kernel.py
│ │ │ ├── test_topology.py
│ │ │ ├── test_uffd.py
│ │ │ ├── test_vmclock.py
│ │ │ └── test_vsock.py
│ │ ├── performance/
│ │ │ ├── __init__.py
│ │ │ ├── test_balloon.py
│ │ │ ├── test_block.py
│ │ │ ├── test_boottime.py
│ │ │ ├── test_drive_rate_limiter.py
│ │ │ ├── test_hotplug_memory.py
│ │ │ ├── test_huge_pages.py
│ │ │ ├── test_initrd.py
│ │ │ ├── test_jailer.py
│ │ │ ├── test_memory_overhead.py
│ │ │ ├── test_mmds.py
│ │ │ ├── test_network.py
│ │ │ ├── test_pmem.py
│ │ │ ├── test_process_startup_time.py
│ │ │ ├── test_rate_limiter.py
│ │ │ ├── test_snapshot.py
│ │ │ ├── test_steal_time.py
│ │ │ ├── test_vhost_user_metrics.py
│ │ │ └── test_vsock.py
│ │ ├── security/
│ │ │ ├── __init__.py
│ │ │ ├── conftest.py
│ │ │ ├── test_custom_seccomp.py
│ │ │ ├── test_jail.py
│ │ │ ├── test_nv.py
│ │ │ ├── test_sec_audit.py
│ │ │ ├── test_seccomp.py
│ │ │ ├── test_seccomp_validate.py
│ │ │ └── test_vulnerabilities.py
│ │ ├── style/
│ │ │ ├── __init__.py
│ │ │ ├── test_gitlint.py
│ │ │ ├── test_licenses.py
│ │ │ ├── test_markdown.py
│ │ │ ├── test_python.py
│ │ │ ├── test_repo.py
│ │ │ ├── test_rust.py
│ │ │ └── test_swagger.py
│ │ └── test_kani.py
│ ├── pyproject.toml
│ └── pytest.ini
└── tools/
├── ab_plot.py
├── ab_test.py
├── bindgen-patches/
│ ├── 0001-change-c_char-to-c_uchar-in-ifrn_name.patch
│ ├── 0002-derive-clone-copy-in-io-uring.patch
│ ├── 0003-vmclock.patch
│ └── 0004-vmclock-notify.patch
├── bindgen.sh
├── bump-version.sh
├── devctr/
│ ├── Dockerfile
│ ├── ctr_gitconfig
│ └── pyproject.toml
├── devtool
├── functions
├── gh_release.py
├── release-notes.py
├── release-prepare.sh
├── release-tag.sh
├── release.sh
├── sandbox.py
├── setup-ci-artifacts.sh
├── test-popular-containers/
│ ├── build_rootfs.sh
│ ├── fcnet.start
│ ├── setup-minimal.sh
│ └── test-docker-rootfs.py
├── test.sh
├── test_bindings.py
└── update-credits.sh
Showing preview only (748K chars total). Download the full file or copy to clipboard to get everything.
SYMBOL INDEX (8882 symbols across 485 files)
FILE: .buildkite/common.py
function get_arch_for_instance (line 40) | def get_arch_for_instance(instance):
function overlay_dict (line 45) | def overlay_dict(base: dict, update: dict):
function field_fmt (line 56) | def field_fmt(field, args):
function dict_fmt (line 63) | def dict_fmt(dict_tmpl, args):
function group (line 74) | def group(label, command, instances, platforms, **kwargs):
function get_changed_files (line 101) | def get_changed_files():
function run_all_tests (line 116) | def run_all_tests(changed_files):
class DictAction (line 130) | class DictAction(argparse.Action):
method __init__ (line 139) | def __init__(self, option_strings, dest, nargs=None, **kwargs):
method __call__ (line 144) | def __call__(self, parser, namespace, value, option_string=None):
function random_str (line 209) | def random_str(k: int):
function ab_revision_build (line 214) | def ab_revision_build(revision):
function shared_build (line 219) | def shared_build():
class BKPipeline (line 250) | class BKPipeline:
method __init__ (line 259) | def __init__(self, with_build_step=True, **kwargs):
method add_step (line 291) | def add_step(self, step, depends_on_build=True):
method _adapt_group (line 305) | def _adapt_group(self, group):
method build_group (line 345) | def build_group(self, *args, **kwargs):
method build_key (line 358) | def build_key(self, key, arch):
method build_group_per_arch (line 362) | def build_group_per_arch(self, label, *args, **kwargs):
method to_dict (line 381) | def to_dict(self):
method to_json (line 385) | def to_json(self):
method devtool_download_artifacts (line 389) | def devtool_download_artifacts(self, artifacts):
method devtool_test (line 395) | def devtool_test(self, devtool_opts=None, pytest_opts=None):
FILE: .buildkite/pipeline_cpu_template.py
class BkStep (line 12) | class BkStep(str, Enum):
function group_snapshot_restore (line 79) | def group_snapshot_restore(test_step):
FILE: .buildkite/pipeline_perf.py
function apply_pins (line 172) | def apply_pins(steps):
FILE: resources/overlay/usr/local/bin/devmemread.c
function main (line 16) | int main()
FILE: resources/overlay/usr/local/bin/fast_page_fault_helper.c
function touch_memory (line 25) | void touch_memory(void *mem, size_t size, char val) {
function main (line 32) | int main(int argc, char *argv[]) {
FILE: resources/overlay/usr/local/bin/fillmem.c
function fill_mem (line 21) | int fill_mem(int mb_count) {
function main (line 47) | int main(int argc, char *const argv[]) {
FILE: resources/overlay/usr/local/bin/go_sdk_cred_provider.go/main.go
function main (line 12) | func main() {
FILE: resources/overlay/usr/local/bin/go_sdk_cred_provider_with_custom_endpoint.go/main.go
constant mmdsBaseUrl (line 16) | mmdsBaseUrl = "http://169.254.169.254"
function main (line 18) | func main() {
function getMmdsToken (line 59) | func getMmdsToken() (string, error) {
type tokenInjector (line 101) | type tokenInjector struct
method RoundTrip (line 106) | func (t *tokenInjector) RoundTrip(req *http.Request) (*http.Response, ...
type loggingRoundTripper (line 112) | type loggingRoundTripper struct
method RoundTrip (line 116) | func (l *loggingRoundTripper) RoundTrip(req *http.Request) (*http.Resp...
FILE: resources/overlay/usr/local/bin/init.c
function main (line 24) | int main () {
FILE: resources/overlay/usr/local/bin/readmem.c
function read_mem (line 25) | int read_mem(int mb_count, int value) {
function main (line 58) | int main(int argc, char *const argv[]) {
FILE: src/acpi-tables/src/aml.rs
type AmlError (line 12) | pub enum AmlError {
type Aml (line 21) | pub trait Aml {
method append_aml_bytes (line 22) | fn append_aml_bytes(&self, _v: &mut Vec<u8>) -> Result<(), AmlError>;
method to_aml_bytes (line 24) | fn to_aml_bytes(&self) -> Result<Vec<u8>, AmlError> {
method append_aml_bytes (line 35) | fn append_aml_bytes(&self, v: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 45) | fn append_aml_bytes(&self, v: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 55) | fn append_aml_bytes(&self, v: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 67) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 120) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 130) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 140) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 150) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 162) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 184) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 282) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 290) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 320) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 329) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 340) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 392) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 481) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 499) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 517) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 553) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 591) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 611) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 641) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 682) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 711) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 765) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 828) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 854) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 882) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 902) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 913) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 925) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 946) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 966) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 987) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 1007) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 1027) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 1050) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 1120) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 1140) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 1173) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
method append_aml_bytes (line 1182) | fn append_aml_bytes(&self, bytes: &mut Vec<u8>) -> Result<(), AmlError> {
constant ZERO (line 31) | pub const ZERO: Zero = Zero {};
type Zero (line 32) | pub struct Zero {}
constant ONE (line 41) | pub const ONE: One = One {};
type One (line 42) | pub struct One {}
constant ONES (line 51) | pub const ONES: Ones = Ones {};
type Ones (line 52) | pub struct Ones {}
type Path (line 61) | pub struct Path {
method new (line 93) | pub fn new(name: &str) -> Result<Self, AmlError> {
type Error (line 111) | type Error = AmlError;
method try_from (line 112) | fn try_from(s: &str) -> Result<Self, Self::Error> {
type Byte (line 117) | pub type Byte = u8;
type Word (line 127) | pub type Word = u16;
type DWord (line 137) | pub type DWord = u32;
type QWord (line 147) | pub type QWord = u64;
type Name (line 157) | pub struct Name {
method new (line 171) | pub fn new(path: Path, inner: &dyn Aml) -> Result<Self, AmlError> {
type Package (line 179) | pub struct Package<'a> {
function new (line 200) | pub fn new(children: Vec<&'a dyn Aml>) -> Self {
function create_pkg_length (line 218) | fn create_pkg_length(data: &[u8], include_self: bool) -> Vec<u8> {
type EisaName (line 256) | pub struct EisaName {
method new (line 261) | pub fn new(name: &str) -> Result<Self, AmlError> {
type Usize (line 287) | pub type Usize = usize;
function append_aml_string (line 311) | fn append_aml_string(v: &str, bytes: &mut Vec<u8>) {
type AmlStr (line 317) | pub type AmlStr = &'static str;
type AmlString (line 326) | pub type AmlString = String;
type ResourceTemplate (line 335) | pub struct ResourceTemplate<'a> {
function new (line 370) | pub fn new(children: Vec<&'a dyn Aml>) -> Self {
type Memory32Fixed (line 375) | pub struct Memory32Fixed {
method new (line 382) | pub fn new(read_write: bool, base: u32, length: u32) -> Self {
type AddressSpaceType (line 404) | enum AddressSpaceType {
type AddressSpaceCacheable (line 411) | pub enum AddressSpaceCacheable {
type AddressSpace (line 418) | pub struct AddressSpace<T> {
function new_memory (line 429) | pub fn new_memory(
function new_io (line 446) | pub fn new_io(min: T, max: T) -> Result<Self, AmlError> {
function new_bus_number (line 458) | pub fn new_bus_number(min: T, max: T) -> Result<Self, AmlError> {
function push_header (line 470) | fn push_header(&self, bytes: &mut Vec<u8>, descriptor: u8, length: usize) {
type Io (line 534) | pub struct Io {
method new (line 542) | pub fn new(min: u16, max: u16, alignment: u8, length: u8) -> Self {
type Interrupt (line 564) | pub struct Interrupt {
method new (line 573) | pub fn new(
type Device (line 605) | pub struct Device<'a> {
function new (line 630) | pub fn new(path: Path, children: Vec<&'a dyn Aml>) -> Self {
type Scope (line 635) | pub struct Scope<'a> {
function new (line 658) | pub fn new(path: Path, children: Vec<&'a dyn Aml>) -> Self {
type Method (line 663) | pub struct Method<'a> {
function new (line 671) | pub fn new(path: Path, args: u8, serialized: bool, children: Vec<&'a dyn...
type Return (line 700) | pub struct Return<'a> {
function new (line 705) | pub fn new(value: &'a dyn Aml) -> Self {
type FieldAccessType (line 719) | pub enum FieldAccessType {
type FieldUpdateRule (line 729) | pub enum FieldUpdateRule {
type FieldEntry (line 735) | pub enum FieldEntry {
type Field (line 740) | pub struct Field {
method new (line 749) | pub fn new(
type OpRegionSpace (line 796) | pub enum OpRegionSpace {
type OpRegion (line 809) | pub struct OpRegion {
method new (line 817) | pub fn new(path: Path, space: OpRegionSpace, offset: usize, length: us...
type If (line 839) | pub struct If<'a> {
function new (line 845) | pub fn new(predicate: &'a dyn Aml, if_children: Vec<&'a dyn Aml>) -> Self {
type Equal (line 870) | pub struct Equal<'a> {
function new (line 876) | pub fn new(left: &'a dyn Aml, right: &'a dyn Aml) -> Self {
type LessThan (line 890) | pub struct LessThan<'a> {
function new (line 896) | pub fn new(left: &'a dyn Aml, right: &'a dyn Aml) -> Self {
type Arg (line 910) | pub struct Arg(pub u8);
type Local (line 922) | pub struct Local(pub u8);
type Store (line 934) | pub struct Store<'a> {
function new (line 940) | pub fn new(name: &'a dyn Aml, value: &'a dyn Aml) -> Self {
type Mutex (line 954) | pub struct Mutex {
method new (line 960) | pub fn new(path: Path, sync_level: u8) -> Self {
type Acquire (line 975) | pub struct Acquire {
method new (line 981) | pub fn new(mutex: Path, timeout: u16) -> Self {
type Release (line 996) | pub struct Release {
method new (line 1001) | pub fn new(mutex: Path) -> Self {
type Notify (line 1015) | pub struct Notify<'a> {
function new (line 1021) | pub fn new(object: &'a dyn Aml, value: &'a dyn Aml) -> Self {
type While (line 1035) | pub struct While<'a> {
function new (line 1041) | pub fn new(predicate: &'a dyn Aml, while_children: Vec<&'a dyn Aml>) -> ...
type MethodCall (line 1108) | pub struct MethodCall<'a> {
function new (line 1114) | pub fn new(name: Path, args: Vec<&'a dyn Aml>) -> Self {
type Buffer (line 1129) | pub struct Buffer {
method new (line 1134) | pub fn new(data: Vec<u8>) -> Self {
type CreateField (line 1154) | pub struct CreateField<'a, T> {
function new (line 1162) | pub fn new(buffer: &'a dyn Aml, offset: &'a dyn Aml, field: Path) -> Self {
function test_device (line 1195) | fn test_device() {
function test_scope (line 1245) | fn test_scope() {
function test_resource_template (line 1285) | fn test_resource_template() {
function test_pkg_length (line 1494) | fn test_pkg_length() {
function test_package (line 1511) | fn test_package() {
function test_eisa_name (line 1524) | fn test_eisa_name() {
function test_name_path (line 1537) | fn test_name_path() {
function test_numbers (line 1567) | fn test_numbers() {
function test_name (line 1581) | fn test_name() {
function test_string (line 1601) | fn test_string() {
function test_method (line 1613) | fn test_method() {
function test_field (line 1628) | fn test_field() {
function test_op_region (line 1697) | fn test_op_region() {
function test_arg_if (line 1717) | fn test_arg_if() {
function test_local_if (line 1746) | fn test_local_if() {
function test_mutex (line 1776) | fn test_mutex() {
function test_notify (line 1826) | fn test_notify() {
function test_while (line 1865) | fn test_while() {
function test_method_call (line 1915) | fn test_method_call() {
function test_buffer (line 1958) | fn test_buffer() {
function test_create_field (line 1981) | fn test_create_field() {
FILE: src/acpi-tables/src/dsdt.rs
type Dsdt (line 17) | pub struct Dsdt {
method new (line 23) | pub fn new(
method len (line 52) | fn len(&self) -> usize {
method write_to_guest (line 56) | fn write_to_guest<AS: GuestMemory>(&mut self, mem: &AS, address: GuestAd...
FILE: src/acpi-tables/src/fadt.rs
constant IAPC_BOOT_ARG_FLAGS_VGA_NOT_PRESENT (line 13) | pub const IAPC_BOOT_ARG_FLAGS_VGA_NOT_PRESENT: u16 = 2;
constant IAPC_BOOT_ARG_FLAGS_MSI_NOT_PRESENT (line 15) | pub const IAPC_BOOT_ARG_FLAGS_MSI_NOT_PRESENT: u16 = 3;
constant IAPC_BOOT_ARG_FLAGS_PCI_ASPM (line 17) | pub const IAPC_BOOT_ARG_FLAGS_PCI_ASPM: u16 = 4;
constant FADT_F_PWR_BUTTON (line 25) | pub const FADT_F_PWR_BUTTON: u8 = 4;
constant FADT_F_SLP_BUTTON (line 29) | pub const FADT_F_SLP_BUTTON: u8 = 5;
constant FADT_F_HW_REDUCED_ACPI (line 32) | pub const FADT_F_HW_REDUCED_ACPI: u8 = 20;
type Fadt (line 46) | pub struct Fadt {
method new (line 109) | pub fn new(oem_id: [u8; 6], oem_table_id: [u8; 8], oem_revision: u32) ...
method set_x_dsdt (line 131) | pub fn set_x_dsdt(&mut self, addr: u64) {
method set_flags (line 136) | pub fn set_flags(&mut self, flags: u32) {
method setup_iapc_flags (line 141) | pub fn setup_iapc_flags(&mut self, flags: u16) {
method set_hypervisor_vendor_id (line 146) | pub fn set_hypervisor_vendor_id(&mut self, hypervisor_vendor_id: [u8; ...
method len (line 152) | fn len(&self) -> usize {
method write_to_guest (line 156) | fn write_to_guest<M: GuestMemory>(&mut self, mem: &M, address: GuestAddr...
FILE: src/acpi-tables/src/lib.rs
constant FC_ACPI_CREATOR_ID (line 28) | const FC_ACPI_CREATOR_ID: [u8; 4] = *b"FCAT";
constant FC_ACPI_CREATOR_REVISION (line 31) | const FC_ACPI_CREATOR_REVISION: u32 = 0x20240119;
function checksum (line 33) | fn checksum(buf: &[&[u8]]) -> u8 {
type AcpiError (line 42) | pub enum AcpiError {
type Result (line 51) | pub type Result<T> = std::result::Result<T, AcpiError>;
type GenericAddressStructure (line 56) | pub struct GenericAddressStructure {
method new (line 65) | pub fn new(
type SdtHeader (line 85) | pub struct SdtHeader {
method new (line 98) | pub(crate) fn new(
type Sdt (line 121) | pub trait Sdt {
method len (line 123) | fn len(&self) -> usize;
method is_empty (line 126) | fn is_empty(&self) -> bool {
method write_to_guest (line 131) | fn write_to_guest<M: GuestMemory>(&mut self, mem: &M, address: GuestAd...
function test_checksum (line 139) | fn test_checksum() {
FILE: src/acpi-tables/src/madt.rs
constant MADT_CPU_ENABLE_FLAG (line 14) | const MADT_CPU_ENABLE_FLAG: u32 = 0;
type LocalAPIC (line 22) | pub struct LocalAPIC {
method new (line 31) | pub fn new(cpu_id: u8) -> Self {
type IoAPIC (line 48) | pub struct IoAPIC {
method new (line 58) | pub fn new(ioapic_id: u8, apic_address: u32) -> Self {
type MadtHeader (line 76) | struct MadtHeader {
type Madt (line 88) | pub struct Madt {
method new (line 94) | pub fn new(
method len (line 129) | fn len(&self) -> usize {
method write_to_guest (line 133) | fn write_to_guest<M: GuestMemory>(&mut self, mem: &M, address: GuestAddr...
FILE: src/acpi-tables/src/mcfg.rs
type PciRangeEntry (line 17) | struct PciRangeEntry {
type Mcfg (line 28) | pub struct Mcfg {
method new (line 35) | pub fn new(
method len (line 69) | fn len(&self) -> usize {
method write_to_guest (line 73) | fn write_to_guest<M: GuestMemory>(&mut self, mem: &M, address: GuestAddr...
FILE: src/acpi-tables/src/rsdp.rs
type Rsdp (line 26) | pub struct Rsdp {
method new (line 39) | pub fn new(oem_id: [u8; 6], xsdt_addr: u64) -> Self {
method len (line 60) | fn len(&self) -> usize {
method write_to_guest (line 64) | fn write_to_guest<M: GuestMemory>(&mut self, mem: &M, address: GuestAddr...
FILE: src/acpi-tables/src/xsdt.rs
type Xsdt (line 19) | pub struct Xsdt {
method new (line 25) | pub fn new(
method len (line 60) | fn len(&self) -> usize {
method write_to_guest (line 64) | fn write_to_guest<M: GuestMemory>(&mut self, mem: &M, address: GuestAddr...
FILE: src/clippy-tracing/src/main.rs
type CommandLineArgs (line 22) | struct CommandLineArgs {
type Action (line 47) | enum Action {
type SegmentedList (line 57) | struct SegmentedList {
method set_before (line 65) | fn set_before(&mut self, line: usize, text: String) -> bool {
method from (line 79) | fn from(list: SegmentedList) -> String {
type StripVisitor (line 94) | struct StripVisitor(HashMap<usize, String>);
method from (line 96) | fn from(visitor: StripVisitor) -> String {
type CheckVisitor (line 125) | struct CheckVisitor(Option<proc_macro2::Span>);
type FixVisitor (line 146) | struct FixVisitor<'a> {
method from (line 155) | fn from(visitor: FixVisitor) -> String {
function instrument (line 183) | fn instrument(sig: &syn::Signature, suffix: &Option<String>, cfg_attr: &...
function inner_instrument (line 193) | fn inner_instrument(_sig: &syn::Signature, suffix: &Option<String>) -> S...
type Exit (line 202) | enum Exit {
method report (line 212) | fn report(self) -> ExitCode {
function main (line 217) | fn main() -> Exit {
type ExecError (line 236) | enum ExecError {
method fmt (line 247) | fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
function exec (line 260) | fn exec() -> Result<Option<(PathBuf, usize, usize)>, ExecError> {
type ApplyError (line 299) | enum ApplyError {
method fmt (line 312) | fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
function apply (line 327) | fn apply<R: Read, W: Write>(
function find_instrumented (line 385) | fn find_instrumented(attrs: &[syn::Attribute]) -> Option<&syn::Attribute> {
function is_instrumented (line 390) | fn is_instrumented(attr: &syn::Attribute) -> Option<&syn::Attribute> {
type Desc (line 409) | struct Desc {
function check_attributes (line 421) | fn check_attributes(attrs: &[syn::Attribute]) -> Desc {
FILE: src/clippy-tracing/tests/integration_tests.rs
constant BINARY (line 13) | const BINARY: &str = env!("CARGO_BIN_EXE_clippy-tracing");
function setup (line 15) | fn setup(text: &str) -> String {
function check_file (line 29) | fn check_file(text: &str, path: &str) {
function fix (line 41) | fn fix(given: &str, expected: &str, cfg_attr: Option<&'static str>) {
function strip (line 62) | fn strip(given: &str, expected: &str) {
function exec_error (line 76) | fn exec_error() {
function fix_one (line 95) | fn fix_one() {
function fix_two (line 104) | fn fix_two() {
function fix_three (line 111) | fn fix_three() {
function check_one (line 119) | fn check_one() {
function check_two (line 134) | fn check_two() {
function check_three (line 148) | fn check_three() {
function strip_one (line 170) | fn strip_one() {
function strip_two (line 177) | fn strip_two() {
function strip_three (line 184) | fn strip_three() {
function exclude (line 191) | fn exclude() {
function readme (line 251) | fn readme() {
function readme_empty_suffix (line 331) | fn readme_empty_suffix() {
function readme_custom_suffix (line 411) | fn readme_custom_suffix() {
FILE: src/cpu-template-helper/build.rs
constant MOCK_KERNEL_PATH (line 6) | const MOCK_KERNEL_PATH: &str = "src/utils/mock_kernel/kernel.bin";
type KernelHeader (line 11) | struct KernelHeader {
function main (line 24) | fn main() {
FILE: src/cpu-template-helper/src/fingerprint/compare.rs
type FingerprintCompareError (line 9) | pub enum FingerprintCompareError {
type Diff (line 17) | struct Diff<'a, T: Serialize> {
function compare (line 23) | pub fn compare(
function build_sample_fingerprint (line 102) | fn build_sample_fingerprint() -> Fingerprint {
function test_compare_same_fingerprints (line 114) | fn test_compare_same_fingerprints() {
function test_compare_different_fingerprints (line 124) | fn test_compare_different_fingerprints() {
FILE: src/cpu-template-helper/src/fingerprint/dump.rs
type FingerprintDumpError (line 12) | pub enum FingerprintDumpError {
function dump (line 21) | pub fn dump(vmm: Arc<Mutex<Vmm>>) -> Result<Fingerprint, FingerprintDump...
function get_kernel_version (line 37) | fn get_kernel_version() -> Result<String, FingerprintDumpError> {
function read_sysfs_file (line 56) | fn read_sysfs_file(path: &str) -> Result<String, FingerprintDumpError> {
function test_get_kernel_version (line 67) | fn test_get_kernel_version() {
function test_read_valid_sysfs_file (line 73) | fn test_read_valid_sysfs_file() {
function test_read_invalid_sysfs_file (line 80) | fn test_read_invalid_sysfs_file() {
FILE: src/cpu-template-helper/src/main.rs
type HelperError (line 15) | enum HelperError {
type Cli (line 38) | struct Cli {
type Command (line 44) | enum Command {
type TemplateOperation (line 54) | enum TemplateOperation {
type FingerprintOperation (line 88) | enum FingerprintOperation {
function run (line 121) | fn run(cli: Cli) -> Result<(), HelperError> {
function main (line 208) | fn main() -> std::process::ExitCode {
constant SAMPLE_MODIFIERS (line 233) | const SAMPLE_MODIFIERS: &str = r#"
constant SAMPLE_MODIFIERS (line 260) | const SAMPLE_MODIFIERS: &str = r#"
function generate_sample_template (line 271) | fn generate_sample_template() -> TempFile {
function generate_sample_fingerprint (line 280) | fn generate_sample_fingerprint() -> TempFile {
function test_template_dump_command (line 301) | fn test_template_dump_command() {
function test_template_strip_command (line 316) | fn test_template_strip_command() {
function test_template_verify_command (line 331) | fn test_template_verify_command() {
function test_fingerprint_dump_command (line 346) | fn test_fingerprint_dump_command() {
function test_fingerprint_compare_command (line 361) | fn test_fingerprint_compare_command() {
FILE: src/cpu-template-helper/src/template/dump/aarch64.rs
function config_to_template (line 11) | pub fn config_to_template(cpu_config: &CpuConfiguration) -> CustomCpuTem...
constant REG_EXCLUSION_LIST (line 41) | const REG_EXCLUSION_LIST: [u64; 3] = [
constant KVM_REG_SIZE_U32 (line 59) | const KVM_REG_SIZE_U32: u64 = 0x0020000000000000;
constant KVM_REG_SIZE_U64 (line 60) | const KVM_REG_SIZE_U64: u64 = 0x0030000000000000;
constant KVM_REG_SIZE_U128 (line 61) | const KVM_REG_SIZE_U128: u64 = 0x0040000000000000;
constant KVM_REG_SIZE_U256 (line 62) | const KVM_REG_SIZE_U256: u64 = 0x0050000000000000;
constant KVM_REG_SIZE_U512 (line 63) | const KVM_REG_SIZE_U512: u64 = 0x0060000000000000;
constant KVM_REG_SIZE_U1024 (line 64) | const KVM_REG_SIZE_U1024: u64 = 0x0070000000000000;
constant KVM_REG_SIZE_U2048 (line 65) | const KVM_REG_SIZE_U2048: u64 = 0x0080000000000000;
function build_sample_regs (line 67) | fn build_sample_regs() -> Aarch64RegisterVec {
function build_expected_reg_modifiers (line 94) | fn build_expected_reg_modifiers() -> Vec<RegisterModifier> {
function test_config_to_template (line 103) | fn test_config_to_template() {
FILE: src/cpu-template-helper/src/template/dump/mod.rs
type DumpError (line 20) | pub enum DumpError {
function dump (line 25) | pub fn dump(vmm: Arc<Mutex<Vmm>>) -> Result<CustomCpuTemplate, DumpError> {
function test_dump (line 39) | fn test_dump() {
FILE: src/cpu-template-helper/src/template/dump/x86_64.rs
function config_to_template (line 19) | pub fn config_to_template(cpu_config: &CpuConfiguration) -> CustomCpuTem...
function cpuid_to_modifiers (line 27) | fn cpuid_to_modifiers(cpuid: &Cpuid) -> Vec<CpuidLeafModifier> {
function msrs_to_modifier (line 47) | fn msrs_to_modifier(msrs: &BTreeMap<u32, u64>) -> Vec<RegisterModifier> {
constant MSR_EXCLUSION_LIST (line 71) | const MSR_EXCLUSION_LIST: [MsrRange; 10] = [
function should_exclude_msr (line 99) | fn should_exclude_msr(index: u32) -> bool {
constant MSR_EXCLUSION_LIST_AMD (line 104) | const MSR_EXCLUSION_LIST_AMD: [MsrRange; 1] = [
function should_exclude_msr_amd (line 114) | fn should_exclude_msr_amd(index: u32) -> bool {
function build_sample_cpuid (line 130) | fn build_sample_cpuid() -> Cpuid {
function build_expected_cpuid_modifiers (line 165) | fn build_expected_cpuid_modifiers() -> Vec<CpuidLeafModifier> {
function build_sample_msrs (line 192) | fn build_sample_msrs() -> BTreeMap<u32, u64> {
function build_expected_msr_modifiers (line 212) | fn build_expected_msr_modifiers() -> Vec<RegisterModifier> {
function test_config_to_template (line 230) | fn test_config_to_template() {
FILE: src/cpu-template-helper/src/template/strip/aarch64.rs
function strip (line 11) | pub fn strip(templates: Vec<CustomCpuTemplate>) -> Result<Vec<CustomCpuT...
function build_input_templates (line 49) | fn build_input_templates() -> Vec<CustomCpuTemplate> {
function build_expected_templates (line 77) | fn build_expected_templates() -> Vec<CustomCpuTemplate> {
function test_strip_reg_modifiers (line 102) | fn test_strip_reg_modifiers() {
FILE: src/cpu-template-helper/src/template/strip/mod.rs
type StripError (line 22) | pub enum StripError {
function strip_common (line 27) | fn strip_common<K, V>(maps: &mut [HashMap<K, RegisterValueFilter<V>>]) -...
function test_strip_common_with_single_input (line 92) | fn test_strip_common_with_single_input() {
function test_strip_common (line 102) | fn test_strip_common() {
FILE: src/cpu-template-helper/src/template/strip/x86_64.rs
function strip (line 11) | pub fn strip(templates: Vec<CustomCpuTemplate>) -> Result<Vec<CustomCpuT...
function build_input_cpuid_templates (line 65) | fn build_input_cpuid_templates() -> Vec<CustomCpuTemplate> {
function build_expected_cpuid_templates (line 113) | fn build_expected_cpuid_templates() -> Vec<CustomCpuTemplate> {
function build_input_msr_templates (line 153) | fn build_input_msr_templates() -> Vec<CustomCpuTemplate> {
function build_expected_msr_templates (line 184) | fn build_expected_msr_templates() -> Vec<CustomCpuTemplate> {
function test_strip_cpuid_modifiers (line 212) | fn test_strip_cpuid_modifiers() {
function test_strip_msr_modifiers (line 220) | fn test_strip_msr_modifiers() {
FILE: src/cpu-template-helper/src/template/verify/aarch64.rs
function verify (line 9) | pub fn verify(
function test_verify_non_existing_reg (line 28) | fn test_verify_non_existing_reg() {
function test_verify_mismatched_reg (line 50) | fn test_verify_mismatched_reg() {
FILE: src/cpu-template-helper/src/template/verify/mod.rs
type VerifyError (line 22) | pub enum VerifyError {
function verify_common (line 35) | pub fn verify_common<K, V>(
function test_verify_modifier_map_with_non_existing_key (line 68) | fn test_verify_modifier_map_with_non_existing_key() {
function test_verify_modifier_map_with_mismatched_value (line 83) | fn test_verify_modifier_map_with_mismatched_value() {
function test_verify_modifier_map_with_valid_value (line 102) | fn test_verify_modifier_map_with_valid_value() {
FILE: src/cpu-template-helper/src/template/verify/x86_64.rs
function verify (line 9) | pub fn verify(
function test_format_cpuid_modifier_map_key (line 71) | fn test_format_cpuid_modifier_map_key() {
function test_cpuid_modifier_from_vec_to_map (line 86) | fn test_cpuid_modifier_from_vec_to_map() {
function test_format_msr_modifier_map_key (line 108) | fn test_format_msr_modifier_map_key() {
function test_msr_modifier_from_vec_to_map (line 114) | fn test_msr_modifier_from_vec_to_map() {
function test_verify_non_existing_cpuid (line 133) | fn test_verify_non_existing_cpuid() {
function test_verify_mismatched_cpuid (line 158) | fn test_verify_mismatched_cpuid() {
function test_verify_non_existing_msr (line 185) | fn test_verify_non_existing_msr() {
function test_verify_mismatched_msr (line 210) | fn test_verify_mismatched_msr() {
FILE: src/cpu-template-helper/src/utils/aarch64.rs
type RegModifierMapKey (line 13) | pub struct RegModifierMapKey(pub u64);
method fmt (line 17) | fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
type RegModifierMap (line 23) | pub struct RegModifierMap(pub HashMap<RegModifierMapKey, RegisterValueFi...
method from (line 26) | fn from(modifiers: Vec<RegisterModifier>) -> Self {
function from (line 36) | fn from(modifier_map: RegModifierMap) -> Self {
function test_format_reg_modifier_map_key (line 90) | fn test_format_reg_modifier_map_key() {
function build_sample_reg_modifier_vec (line 95) | fn build_sample_reg_modifier_vec() -> Vec<RegisterModifier> {
function build_sample_reg_modifier_map (line 103) | fn build_sample_reg_modifier_map() -> RegModifierMap {
function test_reg_modifier_from_vec_to_map (line 112) | fn test_reg_modifier_from_vec_to_map() {
function test_reg_modifier_from_map_to_vec (line 119) | fn test_reg_modifier_from_map_to_vec() {
FILE: src/cpu-template-helper/src/utils/mock_kernel/main.c
function _start (line 4) | void _start() {
FILE: src/cpu-template-helper/src/utils/mod.rs
constant CPU_TEMPLATE_HELPER_VERSION (line 25) | pub const CPU_TEMPLATE_HELPER_VERSION: &str = env!("CARGO_PKG_VERSION");
type ModifierMapKey (line 30) | pub trait ModifierMapKey: Eq + PartialEq + Hash + Display + Clone {}
type DiffString (line 32) | pub trait DiffString<V> {
method to_diff_string (line 36) | fn to_diff_string(template: V, config: V) -> String;
method to_diff_string (line 43) | fn to_diff_string(template: V, config: V) -> String {
type UtilsError (line 65) | pub enum UtilsError {
function load_cpu_template (line 78) | pub fn load_cpu_template(path: &PathBuf) -> Result<CustomCpuTemplate, Ut...
function build_mock_config (line 85) | fn build_mock_config() -> Result<(TempFile, TempFile, String), UtilsErro...
function build_microvm_from_config (line 111) | pub fn build_microvm_from_config(
function add_suffix (line 149) | pub fn add_suffix(path: &Path, suffix: &str) -> PathBuf {
constant SUFFIX (line 172) | const SUFFIX: &str = "_suffix";
type MockModifierMapKey (line 175) | pub struct MockModifierMapKey(pub u8);
method fmt (line 179) | fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
function test_build_mock_config (line 208) | fn test_build_mock_config() {
function test_build_microvm (line 229) | fn test_build_microvm() {
function test_add_suffix_filename_only (line 234) | fn test_add_suffix_filename_only() {
function test_add_suffix_filename_without_ext (line 241) | fn test_add_suffix_filename_without_ext() {
function test_add_suffix_rel_path (line 248) | fn test_add_suffix_rel_path() {
function test_add_suffix_abs_path (line 255) | fn test_add_suffix_abs_path() {
FILE: src/cpu-template-helper/src/utils/x86_64.rs
type CpuidModifierMapKey (line 16) | pub struct CpuidModifierMapKey {
method fmt (line 25) | fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
type CpuidModifierMap (line 38) | pub struct CpuidModifierMap(pub HashMap<CpuidModifierMapKey, RegisterVal...
method from (line 41) | fn from(leaf_modifiers: Vec<CpuidLeafModifier>) -> Self {
function from (line 61) | fn from(modifier_map: CpuidModifierMap) -> Self {
type MsrModifierMapKey (line 99) | pub struct MsrModifierMapKey(pub u32);
method fmt (line 103) | fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
type MsrModifierMap (line 109) | pub struct MsrModifierMap(pub HashMap<MsrModifierMapKey, RegisterValueFi...
method from (line 112) | fn from(modifiers: Vec<RegisterModifier>) -> Self {
function from (line 122) | fn from(modifier_map: MsrModifierMap) -> Self {
function test_format_cpuid_modifier_map_key (line 228) | fn test_format_cpuid_modifier_map_key() {
function build_sample_cpuid_modifier_vec (line 242) | fn build_sample_cpuid_modifier_vec() -> Vec<CpuidLeafModifier> {
function build_sample_cpuid_modifier_map (line 255) | fn build_sample_cpuid_modifier_map() -> CpuidModifierMap {
function test_cpuid_modifier_from_vec_to_map (line 264) | fn test_cpuid_modifier_from_vec_to_map() {
function test_cpuid_modifier_from_map_to_vec (line 271) | fn test_cpuid_modifier_from_map_to_vec() {
function test_format_msr_modifier_map_key (line 278) | fn test_format_msr_modifier_map_key() {
function build_sample_msr_modifier_vec (line 283) | fn build_sample_msr_modifier_vec() -> Vec<RegisterModifier> {
function build_sample_msr_modifier_map (line 291) | fn build_sample_msr_modifier_map() -> MsrModifierMap {
function test_msr_modifier_from_vec_to_map (line 300) | fn test_msr_modifier_from_vec_to_map() {
function test_msr_modifier_from_map_to_vec (line 307) | fn test_msr_modifier_from_map_to_vec() {
FILE: src/firecracker/build.rs
constant ADVANCED_BINARY_FILTER_FILE_NAME (line 6) | const ADVANCED_BINARY_FILTER_FILE_NAME: &str = "seccomp_filter.bpf";
constant JSON_DIR (line 8) | const JSON_DIR: &str = "../../resources/seccomp";
constant SECCOMPILER_SRC_DIR (line 9) | const SECCOMPILER_SRC_DIR: &str = "../seccompiler/src";
function main (line 14) | fn main() {
FILE: src/firecracker/examples/seccomp/harmless.rs
function main (line 3) | fn main() {
FILE: src/firecracker/examples/seccomp/jailer.rs
function main (line 10) | fn main() {
FILE: src/firecracker/examples/seccomp/malicious.rs
function main (line 3) | fn main() {
FILE: src/firecracker/examples/seccomp/panic.rs
function main (line 8) | fn main() {
FILE: src/firecracker/examples/uffd/fault_all_handler.rs
function main (line 16) | fn main() {
FILE: src/firecracker/examples/uffd/malicious_handler.rs
function main (line 14) | fn main() {
FILE: src/firecracker/examples/uffd/on_demand_handler.rs
function main (line 15) | fn main() {
FILE: src/firecracker/examples/uffd/uffd_utils.rs
type GuestRegionUffdMapping (line 32) | pub struct GuestRegionUffdMapping {
method contains (line 45) | fn contains(&self, fault_page_addr: u64) -> bool {
type UffdHandler (line 52) | pub struct UffdHandler {
method try_get_mappings_and_file (line 60) | fn try_get_mappings_and_file(
method get_mappings_and_file (line 77) | fn get_mappings_and_file(stream: &UnixStream) -> (String, File) {
method from_unix_stream (line 100) | pub fn from_unix_stream(stream: &UnixStream, backing_buffer: *const u8...
method read_event (line 130) | pub fn read_event(&mut self) -> Result<Option<Event>, Error> {
method unregister_range (line 134) | pub fn unregister_range(&mut self, start: *mut c_void, end: *mut c_voi...
method serve_pf (line 147) | pub fn serve_pf(&mut self, addr: *mut u8, len: usize) -> bool {
method populate_from_file (line 164) | fn populate_from_file(&self, region: &GuestRegionUffdMapping, dst: u64...
type Runtime (line 196) | pub struct Runtime {
method new (line 205) | pub fn new(stream: UnixStream, backing_file: File) -> Self {
method peer_process_credentials (line 235) | fn peer_process_credentials(&self) -> libc::ucred {
method install_panic_hook (line 257) | pub fn install_panic_hook(&self) {
method run (line 277) | pub fn run(&mut self, pf_event_dispatch: impl Fn(&mut UffdHandler)) {
function test_runtime (line 343) | fn test_runtime() {
FILE: src/firecracker/src/api_server/mod.rs
type ApiServer (line 29) | pub struct ApiServer {
method new (line 43) | pub fn new(
method run (line 63) | pub fn run(
method handle_request (line 121) | pub fn handle_request(
method serve_vmm_action_request (line 146) | fn serve_vmm_action_request(
method json_response (line 188) | pub(crate) fn json_response<T: Into<String> + Debug>(status: StatusCod...
method json_fault_message (line 194) | fn json_fault_message<T: AsRef<str> + serde::Serialize + Debug>(msg: T...
constant TEST_UNESCAPED_JSON_TEMPLATE (line 224) | const TEST_UNESCAPED_JSON_TEMPLATE: &str = r#"{
constant TEST_UNESCAPED_JSON_TEMPLATE (line 233) | pub const TEST_UNESCAPED_JSON_TEMPLATE: &str = r#"{
function test_serve_vmm_action_request (line 243) | fn test_serve_vmm_action_request() {
function test_handle_request (line 301) | fn test_handle_request() {
function test_handle_request_logging (line 353) | fn test_handle_request_logging() {
function test_bind_and_run (line 376) | fn test_bind_and_run() {
function test_bind_and_run_with_limit (line 418) | fn test_bind_and_run_with_limit() {
function test_kill_switch (line 464) | fn test_kill_switch() {
FILE: src/firecracker/src/api_server/parsed_request.rs
type RequestAction (line 37) | pub(crate) enum RequestAction {
type ParsingInfo (line 42) | pub(crate) struct ParsingInfo {
method append_deprecation_message (line 47) | pub fn append_deprecation_message(&mut self, message: &str) {
method take_deprecation_message (line 54) | pub fn take_deprecation_message(&mut self) -> Option<String> {
type ParsedRequest (line 60) | pub(crate) struct ParsedRequest {
type Error (line 66) | type Error = RequestError;
method try_from (line 67) | fn try_from(request: &Request) -> Result<Self, Self::Error> {
method new (line 137) | pub(crate) fn new(action: RequestAction) -> Self {
method into_parts (line 144) | pub(crate) fn into_parts(self) -> (RequestAction, ParsingInfo) {
method parsing_info (line 148) | pub(crate) fn parsing_info(&mut self) -> &mut ParsingInfo {
method success_response_with_data (line 152) | pub(crate) fn success_response_with_data<T>(body_data: &T) -> Response
method success_response_with_mmds_value (line 162) | pub(crate) fn success_response_with_mmds_value(body_data: &Value) -> R...
method convert_to_response (line 173) | pub(crate) fn convert_to_response(
method new_sync (line 226) | pub(crate) fn new_sync(vmm_action: VmmAction) -> ParsedRequest {
function describe (line 238) | fn describe(method: Method, path: &str, body: Option<&Body>) -> String {
function describe_with_body (line 258) | fn describe_with_body(method: Method, path: &str, payload_value: &Body) ...
function method_to_error (line 270) | pub(crate) fn method_to_error(method: Method) -> Result<ParsedRequest, R...
type RequestError (line 288) | pub(crate) enum RequestError {
method from (line 308) | fn from(err: RequestError) -> Self {
function checked_id (line 321) | pub(crate) fn checked_id(id: &str) -> Result<&str, RequestError> {
method eq (line 354) | fn eq(&self, other: &ParsedRequest) -> bool {
function vmm_action_from_request (line 367) | pub(crate) fn vmm_action_from_request(req: ParsedRequest) -> VmmAction {
function depr_action_from_req (line 373) | pub(crate) fn depr_action_from_req(req: ParsedRequest, msg: Option<Strin...
function http_response (line 385) | fn http_response(body: &str, status_code: i32) -> String {
function http_request (line 404) | fn http_request(request_type: &str, endpoint: &str, body: Option<&str>) ...
function test_missing_slash (line 421) | fn test_missing_slash() {
function test_checked_id (line 434) | fn test_checked_id() {
function test_invalid_get (line 449) | fn test_invalid_get() {
function test_invalid_put (line 465) | fn test_invalid_put() {
function test_invalid_patch (line 481) | fn test_invalid_patch() {
function test_error_into_response (line 508) | fn test_error_into_response() {
function test_describe (line 563) | fn test_describe() {
function test_convert_to_response (line 579) | fn test_convert_to_response() {
function test_try_from_get_info (line 647) | fn test_try_from_get_info() {
function test_try_from_get_balloon (line 659) | fn test_try_from_get_balloon() {
function test_try_from_get_balloon_stats (line 671) | fn test_try_from_get_balloon_stats() {
function test_try_from_get_balloon_hinting (line 683) | fn test_try_from_get_balloon_hinting() {
function test_try_from_get_machine_config (line 695) | fn test_try_from_get_machine_config() {
function test_try_from_get_mmds (line 707) | fn test_try_from_get_mmds() {
function test_try_from_get_version (line 719) | fn test_try_from_get_version() {
function test_try_from_put_actions (line 731) | fn test_try_from_put_actions() {
function test_try_from_put_balloon (line 744) | fn test_try_from_put_balloon() {
function test_try_from_put_entropy (line 758) | fn test_try_from_put_entropy() {
function test_try_from_put_boot (line 773) | fn test_try_from_put_boot() {
function test_try_from_put_drives (line 786) | fn test_try_from_put_drives() {
function test_try_from_put_logger (line 803) | fn test_try_from_put_logger() {
function test_try_from_put_machine_config (line 817) | fn test_try_from_put_machine_config() {
function test_try_from_put_metrics (line 830) | fn test_try_from_put_metrics() {
function test_try_from_put_mmds (line 843) | fn test_try_from_put_mmds() {
function test_try_from_put_netif (line 874) | fn test_try_from_put_netif() {
function test_try_from_put_snapshot (line 893) | fn test_try_from_put_snapshot() {
function test_try_from_patch_vm (line 926) | fn test_try_from_patch_vm() {
function test_try_from_put_vsock (line 939) | fn test_try_from_put_vsock() {
function test_try_from_patch_balloon (line 952) | fn test_try_from_patch_balloon() {
function test_try_from_patch_drives (line 1011) | fn test_try_from_patch_drives() {
function test_try_from_patch_machine_config (line 1024) | fn test_try_from_patch_machine_config() {
function test_try_from_put_cpu_config (line 1048) | fn test_try_from_put_cpu_config() {
function test_try_from_patch_mmds (line 1069) | fn test_try_from_patch_mmds() {
function test_try_from_patch_netif (line 1081) | fn test_try_from_patch_netif() {
FILE: src/firecracker/src/api_server/request/actions.rs
type ActionType (line 17) | enum ActionType {
type ActionBody (line 27) | struct ActionBody {
function parse_put_actions (line 31) | pub(crate) fn parse_put_actions(body: &Body) -> Result<ParsedRequest, Re...
function test_parse_put_actions_request (line 59) | fn test_parse_put_actions_request() {
FILE: src/firecracker/src/api_server/request/balloon.rs
function parse_get_hinting (line 14) | fn parse_get_hinting<'a, T>(mut path_tokens: T) -> Result<ParsedRequest,...
function parse_get_balloon (line 31) | pub(crate) fn parse_get_balloon<'a, T>(mut path_tokens: T) -> Result<Par...
function parse_put_balloon (line 46) | pub(crate) fn parse_put_balloon(body: &Body) -> Result<ParsedRequest, Re...
function parse_patch_hinting (line 52) | fn parse_patch_hinting<'a, T>(
function parse_patch_balloon (line 83) | pub(crate) fn parse_patch_balloon<'a, T>(
function test_parse_get_balloon_request (line 110) | fn test_parse_get_balloon_request() {
function test_parse_patch_balloon_request (line 123) | fn test_parse_patch_balloon_request() {
function test_parse_put_balloon_request (line 243) | fn test_parse_put_balloon_request() {
FILE: src/firecracker/src/api_server/request/boot_source.rs
function parse_put_boot_source (line 11) | pub(crate) fn parse_put_boot_source(body: &Body) -> Result<ParsedRequest...
function test_parse_boot_request (line 25) | fn test_parse_boot_request() {
FILE: src/firecracker/src/api_server/request/cpu_configuration.rs
function parse_put_cpu_config (line 11) | pub(crate) fn parse_put_cpu_config(body: &Body) -> Result<ParsedRequest,...
function test_parse_put_cpu_config_request (line 34) | fn test_parse_put_cpu_config_request() {
function test_parse_put_cpu_config_request_errors (line 65) | fn test_parse_put_cpu_config_request_errors() {
FILE: src/firecracker/src/api_server/request/drive.rs
function parse_put_drive (line 11) | pub(crate) fn parse_put_drive(
function parse_patch_drive (line 40) | pub(crate) fn parse_patch_drive(
function test_parse_patch_drive_request (line 76) | fn test_parse_patch_drive_request() {
function test_parse_put_drive_request (line 200) | fn test_parse_put_drive_request() {
FILE: src/firecracker/src/api_server/request/entropy.rs
function parse_put_entropy (line 10) | pub(crate) fn parse_put_entropy(body: &Body) -> Result<ParsedRequest, Re...
function test_parse_put_entropy_request (line 20) | fn test_parse_put_entropy_request() {
FILE: src/firecracker/src/api_server/request/hotplug/memory.rs
function parse_put_memory_hotplug (line 11) | pub(crate) fn parse_put_memory_hotplug(body: &Body) -> Result<ParsedRequ...
function parse_get_memory_hotplug (line 21) | pub(crate) fn parse_get_memory_hotplug() -> Result<ParsedRequest, Reques...
function parse_patch_memory_hotplug (line 26) | pub(crate) fn parse_patch_memory_hotplug(body: &Body) -> Result<ParsedRe...
function test_parse_put_memory_hotplug_request (line 48) | fn test_parse_put_memory_hotplug_request() {
function test_parse_parse_get_memory_hotplug_request (line 89) | fn test_parse_parse_get_memory_hotplug_request() {
function test_parse_patch_memory_hotplug_request (line 97) | fn test_parse_patch_memory_hotplug_request() {
FILE: src/firecracker/src/api_server/request/instance_info.rs
function parse_get_instance_info (line 9) | pub(crate) fn parse_get_instance_info() -> Result<ParsedRequest, Request...
function test_parse_get_instance_info_request (line 20) | fn test_parse_get_instance_info_request() {
FILE: src/firecracker/src/api_server/request/logger.rs
function parse_put_logger (line 10) | pub(crate) fn parse_put_logger(body: &Body) -> Result<ParsedRequest, Req...
function test_parse_put_logger_request (line 29) | fn test_parse_put_logger_request() {
FILE: src/firecracker/src/api_server/request/machine_configuration.rs
function parse_get_machine_config (line 11) | pub(crate) fn parse_get_machine_config() -> Result<ParsedRequest, Reques...
function parse_put_machine_config (line 16) | pub(crate) fn parse_put_machine_config(body: &Body) -> Result<ParsedRequ...
function parse_patch_machine_config (line 44) | pub(crate) fn parse_patch_machine_config(body: &Body) -> Result<ParsedRe...
function test_parse_get_machine_config_request (line 83) | fn test_parse_get_machine_config_request() {
function test_parse_put_machine_config_request (line 89) | fn test_parse_put_machine_config_request() {
function test_parse_patch_machine_config_request (line 238) | fn test_parse_patch_machine_config_request() {
function test_depr_cpu_template_in_put_req (line 277) | fn test_depr_cpu_template_in_put_req() {
function test_depr_cpu_template_in_patch_req (line 301) | fn test_depr_cpu_template_in_patch_req() {
FILE: src/firecracker/src/api_server/request/metrics.rs
function parse_put_metrics (line 11) | pub(crate) fn parse_put_metrics(body: &Body) -> Result<ParsedRequest, Re...
function test_parse_put_metrics_request (line 28) | fn test_parse_put_metrics_request() {
FILE: src/firecracker/src/api_server/request/mmds.rs
function parse_get_mmds (line 13) | pub(crate) fn parse_get_mmds() -> Result<ParsedRequest, RequestError> {
function parse_put_mmds_config (line 18) | fn parse_put_mmds_config(body: &Body) -> Result<ParsedRequest, RequestEr...
function parse_put_mmds (line 37) | pub(crate) fn parse_put_mmds(
function parse_patch_mmds (line 59) | pub(crate) fn parse_patch_mmds(body: &Body) -> Result<ParsedRequest, Req...
function test_parse_get_mmds_request (line 74) | fn test_parse_get_mmds_request() {
function test_parse_put_mmds_request (line 80) | fn test_parse_put_mmds_request() {
function test_deprecated_config (line 131) | fn test_deprecated_config() {
function test_parse_patch_mmds_request (line 165) | fn test_parse_patch_mmds_request() {
FILE: src/firecracker/src/api_server/request/net.rs
function parse_put_net (line 11) | pub(crate) fn parse_put_net(
function parse_patch_net (line 42) | pub(crate) fn parse_patch_net(
function test_parse_put_net_request (line 80) | fn test_parse_put_net_request() {
function test_parse_patch_net_request (line 118) | fn test_parse_patch_net_request() {
FILE: src/firecracker/src/api_server/request/pmem.rs
function parse_put_pmem (line 11) | pub(crate) fn parse_put_pmem(
function test_parse_put_pmem_request (line 46) | fn test_parse_put_pmem_request() {
FILE: src/firecracker/src/api_server/request/serial.rs
function parse_put_serial (line 11) | pub(crate) fn parse_put_serial(body: &Body) -> Result<ParsedRequest, Req...
function test_parse_put_serial_request (line 28) | fn test_parse_put_serial_request() {
FILE: src/firecracker/src/api_server/request/snapshot.rs
constant LOAD_DEPRECATION_MESSAGE (line 16) | const LOAD_DEPRECATION_MESSAGE: &str =
constant MISSING_FIELD (line 19) | pub const MISSING_FIELD: &str =
constant TOO_MANY_FIELDS (line 23) | pub const TOO_MANY_FIELDS: &str =
function parse_put_snapshot (line 26) | pub(crate) fn parse_put_snapshot(
function parse_patch_vm_state (line 46) | pub(crate) fn parse_patch_vm_state(body: &Body) -> Result<ParsedRequest,...
function parse_put_snapshot_create (line 55) | fn parse_put_snapshot_create(body: &Body) -> Result<ParsedRequest, Reque...
function parse_put_snapshot_load (line 62) | fn parse_put_snapshot_load(body: &Body) -> Result<ParsedRequest, Request...
function test_parse_put_snapshot (line 135) | fn test_parse_put_snapshot() {
function test_parse_patch_vm_state (line 407) | fn test_parse_patch_vm_state() {
FILE: src/firecracker/src/api_server/request/version.rs
function parse_get_version (line 9) | pub(crate) fn parse_get_version() -> Result<ParsedRequest, RequestError> {
function test_parse_get_version_request (line 20) | fn test_parse_get_version_request() {
FILE: src/firecracker/src/api_server/request/vsock.rs
function parse_put_vsock (line 11) | pub(crate) fn parse_put_vsock(body: &Body) -> Result<ParsedRequest, Requ...
function test_parse_put_vsock_request (line 41) | fn test_parse_put_vsock_request() {
function test_depr_vsock_id (line 56) | fn test_depr_vsock_id() {
FILE: src/firecracker/src/api_server_adapter.rs
type ApiServerError (line 25) | pub enum ApiServerError {
type ApiServerAdapter (line 39) | struct ApiServerAdapter {
method run_microvm (line 49) | fn run_microvm(
method handle_request (line 77) | fn handle_request(&mut self, req_action: VmmAction) {
method process (line 88) | fn process(&mut self, event: Events, _: &mut EventOps) {
method init (line 129) | fn init(&mut self, ops: &mut EventOps) {
function run_with_api (line 137) | pub(crate) fn run_with_api(
FILE: src/firecracker/src/generated/prctl.rs
constant PR_SET_PDEATHSIG (line 19) | pub const PR_SET_PDEATHSIG: u32 = 1;
constant PR_GET_PDEATHSIG (line 20) | pub const PR_GET_PDEATHSIG: u32 = 2;
constant PR_GET_DUMPABLE (line 21) | pub const PR_GET_DUMPABLE: u32 = 3;
constant PR_SET_DUMPABLE (line 22) | pub const PR_SET_DUMPABLE: u32 = 4;
constant PR_GET_UNALIGN (line 23) | pub const PR_GET_UNALIGN: u32 = 5;
constant PR_SET_UNALIGN (line 24) | pub const PR_SET_UNALIGN: u32 = 6;
constant PR_UNALIGN_NOPRINT (line 25) | pub const PR_UNALIGN_NOPRINT: u32 = 1;
constant PR_UNALIGN_SIGBUS (line 26) | pub const PR_UNALIGN_SIGBUS: u32 = 2;
constant PR_GET_KEEPCAPS (line 27) | pub const PR_GET_KEEPCAPS: u32 = 7;
constant PR_SET_KEEPCAPS (line 28) | pub const PR_SET_KEEPCAPS: u32 = 8;
constant PR_GET_FPEMU (line 29) | pub const PR_GET_FPEMU: u32 = 9;
constant PR_SET_FPEMU (line 30) | pub const PR_SET_FPEMU: u32 = 10;
constant PR_FPEMU_NOPRINT (line 31) | pub const PR_FPEMU_NOPRINT: u32 = 1;
constant PR_FPEMU_SIGFPE (line 32) | pub const PR_FPEMU_SIGFPE: u32 = 2;
constant PR_GET_FPEXC (line 33) | pub const PR_GET_FPEXC: u32 = 11;
constant PR_SET_FPEXC (line 34) | pub const PR_SET_FPEXC: u32 = 12;
constant PR_FP_EXC_SW_ENABLE (line 35) | pub const PR_FP_EXC_SW_ENABLE: u32 = 128;
constant PR_FP_EXC_DIV (line 36) | pub const PR_FP_EXC_DIV: u32 = 65536;
constant PR_FP_EXC_OVF (line 37) | pub const PR_FP_EXC_OVF: u32 = 131072;
constant PR_FP_EXC_UND (line 38) | pub const PR_FP_EXC_UND: u32 = 262144;
constant PR_FP_EXC_RES (line 39) | pub const PR_FP_EXC_RES: u32 = 524288;
constant PR_FP_EXC_INV (line 40) | pub const PR_FP_EXC_INV: u32 = 1048576;
constant PR_FP_EXC_DISABLED (line 41) | pub const PR_FP_EXC_DISABLED: u32 = 0;
constant PR_FP_EXC_NONRECOV (line 42) | pub const PR_FP_EXC_NONRECOV: u32 = 1;
constant PR_FP_EXC_ASYNC (line 43) | pub const PR_FP_EXC_ASYNC: u32 = 2;
constant PR_FP_EXC_PRECISE (line 44) | pub const PR_FP_EXC_PRECISE: u32 = 3;
constant PR_GET_TIMING (line 45) | pub const PR_GET_TIMING: u32 = 13;
constant PR_SET_TIMING (line 46) | pub const PR_SET_TIMING: u32 = 14;
constant PR_TIMING_STATISTICAL (line 47) | pub const PR_TIMING_STATISTICAL: u32 = 0;
constant PR_TIMING_TIMESTAMP (line 48) | pub const PR_TIMING_TIMESTAMP: u32 = 1;
constant PR_SET_NAME (line 49) | pub const PR_SET_NAME: u32 = 15;
constant PR_GET_NAME (line 50) | pub const PR_GET_NAME: u32 = 16;
constant PR_GET_ENDIAN (line 51) | pub const PR_GET_ENDIAN: u32 = 19;
constant PR_SET_ENDIAN (line 52) | pub const PR_SET_ENDIAN: u32 = 20;
constant PR_ENDIAN_BIG (line 53) | pub const PR_ENDIAN_BIG: u32 = 0;
constant PR_ENDIAN_LITTLE (line 54) | pub const PR_ENDIAN_LITTLE: u32 = 1;
constant PR_ENDIAN_PPC_LITTLE (line 55) | pub const PR_ENDIAN_PPC_LITTLE: u32 = 2;
constant PR_GET_SECCOMP (line 56) | pub const PR_GET_SECCOMP: u32 = 21;
constant PR_SET_SECCOMP (line 57) | pub const PR_SET_SECCOMP: u32 = 22;
constant PR_CAPBSET_READ (line 58) | pub const PR_CAPBSET_READ: u32 = 23;
constant PR_CAPBSET_DROP (line 59) | pub const PR_CAPBSET_DROP: u32 = 24;
constant PR_GET_TSC (line 60) | pub const PR_GET_TSC: u32 = 25;
constant PR_SET_TSC (line 61) | pub const PR_SET_TSC: u32 = 26;
constant PR_TSC_ENABLE (line 62) | pub const PR_TSC_ENABLE: u32 = 1;
constant PR_TSC_SIGSEGV (line 63) | pub const PR_TSC_SIGSEGV: u32 = 2;
constant PR_GET_SECUREBITS (line 64) | pub const PR_GET_SECUREBITS: u32 = 27;
constant PR_SET_SECUREBITS (line 65) | pub const PR_SET_SECUREBITS: u32 = 28;
constant PR_SET_TIMERSLACK (line 66) | pub const PR_SET_TIMERSLACK: u32 = 29;
constant PR_GET_TIMERSLACK (line 67) | pub const PR_GET_TIMERSLACK: u32 = 30;
constant PR_TASK_PERF_EVENTS_DISABLE (line 68) | pub const PR_TASK_PERF_EVENTS_DISABLE: u32 = 31;
constant PR_TASK_PERF_EVENTS_ENABLE (line 69) | pub const PR_TASK_PERF_EVENTS_ENABLE: u32 = 32;
constant PR_MCE_KILL (line 70) | pub const PR_MCE_KILL: u32 = 33;
constant PR_MCE_KILL_CLEAR (line 71) | pub const PR_MCE_KILL_CLEAR: u32 = 0;
constant PR_MCE_KILL_SET (line 72) | pub const PR_MCE_KILL_SET: u32 = 1;
constant PR_MCE_KILL_LATE (line 73) | pub const PR_MCE_KILL_LATE: u32 = 0;
constant PR_MCE_KILL_EARLY (line 74) | pub const PR_MCE_KILL_EARLY: u32 = 1;
constant PR_MCE_KILL_DEFAULT (line 75) | pub const PR_MCE_KILL_DEFAULT: u32 = 2;
constant PR_MCE_KILL_GET (line 76) | pub const PR_MCE_KILL_GET: u32 = 34;
constant PR_SET_MM (line 77) | pub const PR_SET_MM: u32 = 35;
constant PR_SET_MM_START_CODE (line 78) | pub const PR_SET_MM_START_CODE: u32 = 1;
constant PR_SET_MM_END_CODE (line 79) | pub const PR_SET_MM_END_CODE: u32 = 2;
constant PR_SET_MM_START_DATA (line 80) | pub const PR_SET_MM_START_DATA: u32 = 3;
constant PR_SET_MM_END_DATA (line 81) | pub const PR_SET_MM_END_DATA: u32 = 4;
constant PR_SET_MM_START_STACK (line 82) | pub const PR_SET_MM_START_STACK: u32 = 5;
constant PR_SET_MM_START_BRK (line 83) | pub const PR_SET_MM_START_BRK: u32 = 6;
constant PR_SET_MM_BRK (line 84) | pub const PR_SET_MM_BRK: u32 = 7;
constant PR_SET_MM_ARG_START (line 85) | pub const PR_SET_MM_ARG_START: u32 = 8;
constant PR_SET_MM_ARG_END (line 86) | pub const PR_SET_MM_ARG_END: u32 = 9;
constant PR_SET_MM_ENV_START (line 87) | pub const PR_SET_MM_ENV_START: u32 = 10;
constant PR_SET_MM_ENV_END (line 88) | pub const PR_SET_MM_ENV_END: u32 = 11;
constant PR_SET_MM_AUXV (line 89) | pub const PR_SET_MM_AUXV: u32 = 12;
constant PR_SET_MM_EXE_FILE (line 90) | pub const PR_SET_MM_EXE_FILE: u32 = 13;
constant PR_SET_MM_MAP (line 91) | pub const PR_SET_MM_MAP: u32 = 14;
constant PR_SET_MM_MAP_SIZE (line 92) | pub const PR_SET_MM_MAP_SIZE: u32 = 15;
constant PR_SET_PTRACER (line 93) | pub const PR_SET_PTRACER: u32 = 1499557217;
constant PR_SET_CHILD_SUBREAPER (line 94) | pub const PR_SET_CHILD_SUBREAPER: u32 = 36;
constant PR_GET_CHILD_SUBREAPER (line 95) | pub const PR_GET_CHILD_SUBREAPER: u32 = 37;
constant PR_SET_NO_NEW_PRIVS (line 96) | pub const PR_SET_NO_NEW_PRIVS: u32 = 38;
constant PR_GET_NO_NEW_PRIVS (line 97) | pub const PR_GET_NO_NEW_PRIVS: u32 = 39;
constant PR_GET_TID_ADDRESS (line 98) | pub const PR_GET_TID_ADDRESS: u32 = 40;
constant PR_SET_THP_DISABLE (line 99) | pub const PR_SET_THP_DISABLE: u32 = 41;
constant PR_GET_THP_DISABLE (line 100) | pub const PR_GET_THP_DISABLE: u32 = 42;
constant PR_MPX_ENABLE_MANAGEMENT (line 101) | pub const PR_MPX_ENABLE_MANAGEMENT: u32 = 43;
constant PR_MPX_DISABLE_MANAGEMENT (line 102) | pub const PR_MPX_DISABLE_MANAGEMENT: u32 = 44;
constant PR_SET_FP_MODE (line 103) | pub const PR_SET_FP_MODE: u32 = 45;
constant PR_GET_FP_MODE (line 104) | pub const PR_GET_FP_MODE: u32 = 46;
constant PR_FP_MODE_FR (line 105) | pub const PR_FP_MODE_FR: u32 = 1;
constant PR_FP_MODE_FRE (line 106) | pub const PR_FP_MODE_FRE: u32 = 2;
constant PR_CAP_AMBIENT (line 107) | pub const PR_CAP_AMBIENT: u32 = 47;
constant PR_CAP_AMBIENT_IS_SET (line 108) | pub const PR_CAP_AMBIENT_IS_SET: u32 = 1;
constant PR_CAP_AMBIENT_RAISE (line 109) | pub const PR_CAP_AMBIENT_RAISE: u32 = 2;
constant PR_CAP_AMBIENT_LOWER (line 110) | pub const PR_CAP_AMBIENT_LOWER: u32 = 3;
constant PR_CAP_AMBIENT_CLEAR_ALL (line 111) | pub const PR_CAP_AMBIENT_CLEAR_ALL: u32 = 4;
constant PR_SVE_SET_VL (line 112) | pub const PR_SVE_SET_VL: u32 = 50;
constant PR_SVE_SET_VL_ONEXEC (line 113) | pub const PR_SVE_SET_VL_ONEXEC: u32 = 262144;
constant PR_SVE_GET_VL (line 114) | pub const PR_SVE_GET_VL: u32 = 51;
constant PR_SVE_VL_LEN_MASK (line 115) | pub const PR_SVE_VL_LEN_MASK: u32 = 65535;
constant PR_SVE_VL_INHERIT (line 116) | pub const PR_SVE_VL_INHERIT: u32 = 131072;
constant PR_GET_SPECULATION_CTRL (line 117) | pub const PR_GET_SPECULATION_CTRL: u32 = 52;
constant PR_SET_SPECULATION_CTRL (line 118) | pub const PR_SET_SPECULATION_CTRL: i32 = 53;
constant PR_SPEC_STORE_BYPASS (line 119) | pub const PR_SPEC_STORE_BYPASS: u32 = 0;
constant PR_SPEC_INDIRECT_BRANCH (line 120) | pub const PR_SPEC_INDIRECT_BRANCH: u32 = 1;
constant PR_SPEC_L1D_FLUSH (line 121) | pub const PR_SPEC_L1D_FLUSH: u32 = 2;
constant PR_SPEC_NOT_AFFECTED (line 122) | pub const PR_SPEC_NOT_AFFECTED: u32 = 0;
constant PR_SPEC_PRCTL (line 123) | pub const PR_SPEC_PRCTL: u32 = 1;
constant PR_SPEC_ENABLE (line 124) | pub const PR_SPEC_ENABLE: u32 = 2;
constant PR_SPEC_DISABLE (line 125) | pub const PR_SPEC_DISABLE: u32 = 4;
constant PR_SPEC_FORCE_DISABLE (line 126) | pub const PR_SPEC_FORCE_DISABLE: u32 = 8;
constant PR_SPEC_DISABLE_NOEXEC (line 127) | pub const PR_SPEC_DISABLE_NOEXEC: u32 = 16;
constant PR_PAC_RESET_KEYS (line 128) | pub const PR_PAC_RESET_KEYS: u32 = 54;
constant PR_PAC_APIAKEY (line 129) | pub const PR_PAC_APIAKEY: u32 = 1;
constant PR_PAC_APIBKEY (line 130) | pub const PR_PAC_APIBKEY: u32 = 2;
constant PR_PAC_APDAKEY (line 131) | pub const PR_PAC_APDAKEY: u32 = 4;
constant PR_PAC_APDBKEY (line 132) | pub const PR_PAC_APDBKEY: u32 = 8;
constant PR_PAC_APGAKEY (line 133) | pub const PR_PAC_APGAKEY: u32 = 16;
constant PR_SET_TAGGED_ADDR_CTRL (line 134) | pub const PR_SET_TAGGED_ADDR_CTRL: u32 = 55;
constant PR_GET_TAGGED_ADDR_CTRL (line 135) | pub const PR_GET_TAGGED_ADDR_CTRL: u32 = 56;
constant PR_TAGGED_ADDR_ENABLE (line 136) | pub const PR_TAGGED_ADDR_ENABLE: u32 = 1;
constant PR_MTE_TCF_NONE (line 137) | pub const PR_MTE_TCF_NONE: u32 = 0;
constant PR_MTE_TCF_SYNC (line 138) | pub const PR_MTE_TCF_SYNC: u32 = 2;
constant PR_MTE_TCF_ASYNC (line 139) | pub const PR_MTE_TCF_ASYNC: u32 = 4;
constant PR_MTE_TCF_MASK (line 140) | pub const PR_MTE_TCF_MASK: u32 = 6;
constant PR_MTE_TAG_SHIFT (line 141) | pub const PR_MTE_TAG_SHIFT: u32 = 3;
constant PR_MTE_TAG_MASK (line 142) | pub const PR_MTE_TAG_MASK: u32 = 524280;
constant PR_MTE_TCF_SHIFT (line 143) | pub const PR_MTE_TCF_SHIFT: u32 = 1;
constant PR_PMLEN_SHIFT (line 144) | pub const PR_PMLEN_SHIFT: u32 = 24;
constant PR_PMLEN_MASK (line 145) | pub const PR_PMLEN_MASK: u32 = 2130706432;
constant PR_SET_IO_FLUSHER (line 146) | pub const PR_SET_IO_FLUSHER: u32 = 57;
constant PR_GET_IO_FLUSHER (line 147) | pub const PR_GET_IO_FLUSHER: u32 = 58;
constant PR_SET_SYSCALL_USER_DISPATCH (line 148) | pub const PR_SET_SYSCALL_USER_DISPATCH: u32 = 59;
constant PR_SYS_DISPATCH_OFF (line 149) | pub const PR_SYS_DISPATCH_OFF: u32 = 0;
constant PR_SYS_DISPATCH_ON (line 150) | pub const PR_SYS_DISPATCH_ON: u32 = 1;
constant PR_PAC_SET_ENABLED_KEYS (line 151) | pub const PR_PAC_SET_ENABLED_KEYS: u32 = 60;
constant PR_PAC_GET_ENABLED_KEYS (line 152) | pub const PR_PAC_GET_ENABLED_KEYS: u32 = 61;
constant PR_SCHED_CORE (line 153) | pub const PR_SCHED_CORE: u32 = 62;
constant PR_SCHED_CORE_GET (line 154) | pub const PR_SCHED_CORE_GET: u32 = 0;
constant PR_SCHED_CORE_CREATE (line 155) | pub const PR_SCHED_CORE_CREATE: u32 = 1;
constant PR_SCHED_CORE_SHARE_TO (line 156) | pub const PR_SCHED_CORE_SHARE_TO: u32 = 2;
constant PR_SCHED_CORE_SHARE_FROM (line 157) | pub const PR_SCHED_CORE_SHARE_FROM: u32 = 3;
constant PR_SCHED_CORE_MAX (line 158) | pub const PR_SCHED_CORE_MAX: u32 = 4;
constant PR_SCHED_CORE_SCOPE_THREAD (line 159) | pub const PR_SCHED_CORE_SCOPE_THREAD: u32 = 0;
constant PR_SCHED_CORE_SCOPE_THREAD_GROUP (line 160) | pub const PR_SCHED_CORE_SCOPE_THREAD_GROUP: u32 = 1;
constant PR_SCHED_CORE_SCOPE_PROCESS_GROUP (line 161) | pub const PR_SCHED_CORE_SCOPE_PROCESS_GROUP: u32 = 2;
constant PR_SME_SET_VL (line 162) | pub const PR_SME_SET_VL: u32 = 63;
constant PR_SME_SET_VL_ONEXEC (line 163) | pub const PR_SME_SET_VL_ONEXEC: u32 = 262144;
constant PR_SME_GET_VL (line 164) | pub const PR_SME_GET_VL: u32 = 64;
constant PR_SME_VL_LEN_MASK (line 165) | pub const PR_SME_VL_LEN_MASK: u32 = 65535;
constant PR_SME_VL_INHERIT (line 166) | pub const PR_SME_VL_INHERIT: u32 = 131072;
constant PR_SET_MDWE (line 167) | pub const PR_SET_MDWE: u32 = 65;
constant PR_MDWE_REFUSE_EXEC_GAIN (line 168) | pub const PR_MDWE_REFUSE_EXEC_GAIN: u32 = 1;
constant PR_MDWE_NO_INHERIT (line 169) | pub const PR_MDWE_NO_INHERIT: u32 = 2;
constant PR_GET_MDWE (line 170) | pub const PR_GET_MDWE: u32 = 66;
constant PR_SET_VMA (line 171) | pub const PR_SET_VMA: u32 = 1398164801;
constant PR_SET_VMA_ANON_NAME (line 172) | pub const PR_SET_VMA_ANON_NAME: u32 = 0;
constant PR_GET_AUXV (line 173) | pub const PR_GET_AUXV: u32 = 1096112214;
constant PR_SET_MEMORY_MERGE (line 174) | pub const PR_SET_MEMORY_MERGE: u32 = 67;
constant PR_GET_MEMORY_MERGE (line 175) | pub const PR_GET_MEMORY_MERGE: u32 = 68;
constant PR_RISCV_V_SET_CONTROL (line 176) | pub const PR_RISCV_V_SET_CONTROL: u32 = 69;
constant PR_RISCV_V_GET_CONTROL (line 177) | pub const PR_RISCV_V_GET_CONTROL: u32 = 70;
constant PR_RISCV_V_VSTATE_CTRL_DEFAULT (line 178) | pub const PR_RISCV_V_VSTATE_CTRL_DEFAULT: u32 = 0;
constant PR_RISCV_V_VSTATE_CTRL_OFF (line 179) | pub const PR_RISCV_V_VSTATE_CTRL_OFF: u32 = 1;
constant PR_RISCV_V_VSTATE_CTRL_ON (line 180) | pub const PR_RISCV_V_VSTATE_CTRL_ON: u32 = 2;
constant PR_RISCV_V_VSTATE_CTRL_INHERIT (line 181) | pub const PR_RISCV_V_VSTATE_CTRL_INHERIT: u32 = 16;
constant PR_RISCV_V_VSTATE_CTRL_CUR_MASK (line 182) | pub const PR_RISCV_V_VSTATE_CTRL_CUR_MASK: u32 = 3;
constant PR_RISCV_V_VSTATE_CTRL_NEXT_MASK (line 183) | pub const PR_RISCV_V_VSTATE_CTRL_NEXT_MASK: u32 = 12;
constant PR_RISCV_V_VSTATE_CTRL_MASK (line 184) | pub const PR_RISCV_V_VSTATE_CTRL_MASK: u32 = 31;
constant PR_RISCV_SET_ICACHE_FLUSH_CTX (line 185) | pub const PR_RISCV_SET_ICACHE_FLUSH_CTX: u32 = 71;
constant PR_RISCV_CTX_SW_FENCEI_ON (line 186) | pub const PR_RISCV_CTX_SW_FENCEI_ON: u32 = 0;
constant PR_RISCV_CTX_SW_FENCEI_OFF (line 187) | pub const PR_RISCV_CTX_SW_FENCEI_OFF: u32 = 1;
constant PR_RISCV_SCOPE_PER_PROCESS (line 188) | pub const PR_RISCV_SCOPE_PER_PROCESS: u32 = 0;
constant PR_RISCV_SCOPE_PER_THREAD (line 189) | pub const PR_RISCV_SCOPE_PER_THREAD: u32 = 1;
constant PR_PPC_GET_DEXCR (line 190) | pub const PR_PPC_GET_DEXCR: u32 = 72;
constant PR_PPC_SET_DEXCR (line 191) | pub const PR_PPC_SET_DEXCR: u32 = 73;
constant PR_PPC_DEXCR_SBHE (line 192) | pub const PR_PPC_DEXCR_SBHE: u32 = 0;
constant PR_PPC_DEXCR_IBRTPD (line 193) | pub const PR_PPC_DEXCR_IBRTPD: u32 = 1;
constant PR_PPC_DEXCR_SRAPD (line 194) | pub const PR_PPC_DEXCR_SRAPD: u32 = 2;
constant PR_PPC_DEXCR_NPHIE (line 195) | pub const PR_PPC_DEXCR_NPHIE: u32 = 3;
constant PR_PPC_DEXCR_CTRL_EDITABLE (line 196) | pub const PR_PPC_DEXCR_CTRL_EDITABLE: u32 = 1;
constant PR_PPC_DEXCR_CTRL_SET (line 197) | pub const PR_PPC_DEXCR_CTRL_SET: u32 = 2;
constant PR_PPC_DEXCR_CTRL_CLEAR (line 198) | pub const PR_PPC_DEXCR_CTRL_CLEAR: u32 = 4;
constant PR_PPC_DEXCR_CTRL_SET_ONEXEC (line 199) | pub const PR_PPC_DEXCR_CTRL_SET_ONEXEC: u32 = 8;
constant PR_PPC_DEXCR_CTRL_CLEAR_ONEXEC (line 200) | pub const PR_PPC_DEXCR_CTRL_CLEAR_ONEXEC: u32 = 16;
constant PR_PPC_DEXCR_CTRL_MASK (line 201) | pub const PR_PPC_DEXCR_CTRL_MASK: u32 = 31;
constant PR_GET_SHADOW_STACK_STATUS (line 202) | pub const PR_GET_SHADOW_STACK_STATUS: u32 = 74;
constant PR_SET_SHADOW_STACK_STATUS (line 203) | pub const PR_SET_SHADOW_STACK_STATUS: u32 = 75;
constant PR_SHADOW_STACK_ENABLE (line 204) | pub const PR_SHADOW_STACK_ENABLE: u32 = 1;
constant PR_SHADOW_STACK_WRITE (line 205) | pub const PR_SHADOW_STACK_WRITE: u32 = 2;
constant PR_SHADOW_STACK_PUSH (line 206) | pub const PR_SHADOW_STACK_PUSH: u32 = 4;
constant PR_LOCK_SHADOW_STACK_STATUS (line 207) | pub const PR_LOCK_SHADOW_STACK_STATUS: u32 = 76;
FILE: src/firecracker/src/main.rs
constant DEFAULT_API_SOCK_PATH (line 42) | const DEFAULT_API_SOCK_PATH: &str = "/run/firecracker.socket";
constant FIRECRACKER_VERSION (line 43) | const FIRECRACKER_VERSION: &str = env!("CARGO_PKG_VERSION");
constant MMDS_CONTENT_ARG (line 44) | const MMDS_CONTENT_ARG: &str = "metadata";
type MainError (line 47) | enum MainError {
type ResizeFdTableError (line 73) | enum ResizeFdTableError {
method from (line 83) | fn from(value: MainError) -> Self {
function main (line 94) | fn main() -> ExitCode {
function main_exec (line 108) | fn main_exec() -> Result<(), MainError> {
function resize_fdtable (line 463) | fn resize_fdtable() -> Result<(), ResizeFdTableError> {
function enable_ssbd_mitigation (line 505) | pub fn enable_ssbd_mitigation() {
function warn_deprecated_parameters (line 534) | fn warn_deprecated_parameters() {}
type SnapshotVersionError (line 537) | enum SnapshotVersionError {
function print_snapshot_data_format (line 545) | fn print_snapshot_data_format(snapshot_path: &str) -> Result<(), Snapsho...
type BuildFromJsonError (line 557) | pub enum BuildFromJsonError {
function build_microvm_from_json (line 566) | fn build_microvm_from_json(
type RunWithoutApiError (line 595) | enum RunWithoutApiError {
function run_without_api (line 602) | fn run_without_api(
FILE: src/firecracker/src/metrics.rs
constant WRITE_METRICS_PERIOD_MS (line 13) | pub(crate) const WRITE_METRICS_PERIOD_MS: u64 = 60000;
type PeriodicMetrics (line 17) | pub(crate) struct PeriodicMetrics {
method new (line 25) | pub fn new() -> Self {
method start (line 35) | pub(crate) fn start(&mut self, interval_ms: u64) {
method write_metrics (line 44) | fn write_metrics(&mut self) {
method process (line 59) | fn process(&mut self, event: Events, _: &mut EventOps) {
method init (line 82) | fn init(&mut self, ops: &mut EventOps) {
function test_periodic_metrics (line 98) | fn test_periodic_metrics() {
FILE: src/firecracker/src/seccomp.rs
constant THREAD_CATEGORIES (line 10) | const THREAD_CATEGORIES: [&str; 3] = ["vmm", "api", "vcpu"];
type FilterError (line 14) | pub enum FilterError {
type SeccompConfig (line 27) | pub enum SeccompConfig {
method from_args (line 38) | pub fn from_args<T: AsRef<Path> + Debug>(
function get_filters (line 56) | pub fn get_filters(config: SeccompConfig) -> Result<BpfThreadMap, Filter...
function get_default_filters (line 66) | fn get_default_filters() -> Result<BpfThreadMap, FilterError> {
function get_custom_filters (line 74) | fn get_custom_filters<R: Read + Debug>(reader: R) -> Result<BpfThreadMap...
function filter_thread_categories (line 80) | fn filter_thread_categories(map: BpfThreadMap) -> Result<BpfThreadMap, F...
function test_get_filters (line 118) | fn test_get_filters() {
function test_filter_thread_categories (line 137) | fn test_filter_thread_categories() {
function test_seccomp_config (line 172) | fn test_seccomp_config() {
FILE: src/firecracker/tests/verify_dependencies.rs
function test_no_comparison_requirements (line 14) | fn test_no_comparison_requirements() {
function violating_dependencies_of_cargo_toml (line 49) | fn violating_dependencies_of_cargo_toml<T: AsRef<Path> + Debug>(
function violating_dependencies_of_depsset (line 66) | fn violating_dependencies_of_depsset(depsset: DepsSet) -> impl Iterator<...
FILE: src/jailer/src/cgroup.rs
type CgroupMountPoint (line 18) | struct CgroupMountPoint {
type CgroupHierarchies (line 25) | struct CgroupHierarchies {
method new (line 35) | fn new(ver: u8, proc_mounts_path: &str) -> Result<Self, JailerError> {
method get_v1_hierarchy_path (line 96) | fn get_v1_hierarchy_path(&mut self, controller: &str) -> Result<&PathB...
method get_v2_hierarchy_path (line 123) | pub fn get_v2_hierarchy_path(&self) -> Result<&PathBuf, JailerError> {
type CgroupConfigurationBuilder (line 135) | pub struct CgroupConfigurationBuilder {
method new (line 143) | pub fn new(ver: u8, proc_mounts_path: &str) -> Result<Self, JailerErro...
method add_cgroup_property (line 155) | pub fn add_cgroup_property(
method build (line 183) | pub fn build(self) -> CgroupConfiguration {
method get_v2_hierarchy_path (line 188) | pub fn get_v2_hierarchy_path(&self) -> Result<&PathBuf, JailerError> {
type CgroupProperty (line 194) | struct CgroupProperty {
type CgroupBase (line 200) | struct CgroupBase {
type CgroupV1 (line 206) | pub struct CgroupV1 {
method new (line 329) | pub fn new(id: &str, parent_cg: &Path, controller_path: &Path) -> Resu...
type CgroupV2 (line 212) | pub struct CgroupV2 {
method write_all_subtree_control (line 384) | fn write_all_subtree_control<P>(path: P, controller: &str) -> Result<(...
method detect_available_controllers (line 406) | fn detect_available_controllers<P>(mount_point: P) -> HashSet<String>
method new (line 426) | pub fn new(id: &str, parent_cg: &Path, unified_path: &Path) -> Result<...
type Cgroup (line 217) | pub trait Cgroup: Debug {
method add_property (line 219) | fn add_property(&mut self, file: String, value: String) -> Result<(), ...
method write_values (line 222) | fn write_values(&self) -> Result<(), JailerError>;
method attach_pid (line 225) | fn attach_pid(&self) -> Result<(), JailerError>;
method add_property (line 349) | fn add_property(&mut self, file: String, value: String) -> Result<(), ...
method write_values (line 354) | fn write_values(&self) -> Result<(), JailerError> {
method attach_pid (line 369) | fn attach_pid(&self) -> Result<(), JailerError> {
method add_property (line 442) | fn add_property(&mut self, file: String, value: String) -> Result<(), ...
method write_values (line 454) | fn write_values(&self) -> Result<(), JailerError> {
method attach_pid (line 478) | fn attach_pid(&self) -> Result<(), JailerError> {
type CgroupConfiguration (line 229) | pub enum CgroupConfiguration {
method setup (line 235) | pub fn setup(&self) -> Result<(), JailerError> {
function inherit_from_parent_aux (line 273) | fn inherit_from_parent_aux(
function inherit_from_parent (line 310) | fn inherit_from_parent(path: &Path, file_name: &str, depth: u16) -> Resu...
function get_controller_from_filename (line 316) | fn get_controller_from_filename(file: &str) -> Result<&str, JailerError> {
function setup_cgroup_conf (line 488) | pub fn setup_cgroup_conf(conf: &HashMap<String, impl Cgroup>) -> Result<...
type MockCgroupFs (line 510) | pub struct MockCgroupFs {
method create_file_with_contents (line 522) | pub fn create_file_with_contents<P: AsRef<Path> + Debug>(
method new (line 537) | pub fn new() -> Result<MockCgroupFs, std::io::Error> {
method add_v2_mounts (line 560) | pub fn add_v2_mounts(&mut self) -> Result<(), std::io::Error> {
method add_v1_mounts (line 577) | pub fn add_v1_mounts(&mut self) -> Result<(), std::io::Error> {
function read_first_line (line 613) | fn read_first_line<P>(filename: P) -> Result<String, std::io::Error>
function test_cgroup_conf_builder_invalid_version (line 626) | fn test_cgroup_conf_builder_invalid_version() {
function test_cgroup_conf_builder_no_mounts (line 634) | fn test_cgroup_conf_builder_no_mounts() {
function test_cgroup_conf_builder_v1 (line 642) | fn test_cgroup_conf_builder_v1() {
function test_cgroup_conf_builder_v2 (line 651) | fn test_cgroup_conf_builder_v2() {
function test_cgroup_conf_builder_v2_with_v1_mounts (line 660) | fn test_cgroup_conf_builder_v2_with_v1_mounts() {
function test_cgroup_conf_builder_v2_no_mounts (line 669) | fn test_cgroup_conf_builder_v2_no_mounts() {
function test_cgroup_conf_builder_v1_with_v2_mounts (line 677) | fn test_cgroup_conf_builder_v1_with_v2_mounts() {
function test_cgroup_conf_build (line 686) | fn test_cgroup_conf_build() {
function test_cgroup_conf_build_invalid (line 711) | fn test_cgroup_conf_build_invalid() {
function test_cgroup_conf_v1_write_value (line 734) | fn test_cgroup_conf_v1_write_value() {
function test_cgroup_conf_v2_write_value (line 771) | fn test_cgroup_conf_v2_write_value() {
function test_inherit_from_parent (line 838) | fn test_inherit_from_parent() {
function test_get_controller (line 876) | fn test_get_controller() {
FILE: src/jailer/src/chroot.rs
constant OLD_ROOT_DIR (line 13) | const OLD_ROOT_DIR: &CStr = c"old_root";
constant ROOT_DIR (line 14) | const ROOT_DIR: &CStr = c"/";
constant CURRENT_DIR (line 15) | const CURRENT_DIR: &CStr = c".";
function chroot (line 19) | pub fn chroot(path: &Path) -> Result<(), JailerError> {
FILE: src/jailer/src/env.rs
constant PROC_MOUNTS (line 24) | pub const PROC_MOUNTS: &str = "/proc/mounts";
constant STDIN_FILENO (line 26) | const STDIN_FILENO: libc::c_int = 0;
constant STDOUT_FILENO (line 27) | const STDOUT_FILENO: libc::c_int = 1;
constant STDERR_FILENO (line 28) | const STDERR_FILENO: libc::c_int = 2;
constant DEV_KVM (line 33) | const DEV_KVM: &CStr = c"/dev/kvm";
constant DEV_KVM_MAJOR (line 34) | const DEV_KVM_MAJOR: u32 = 10;
constant DEV_KVM_MINOR (line 35) | const DEV_KVM_MINOR: u32 = 232;
constant DEV_NET_TUN (line 39) | const DEV_NET_TUN: &CStr = c"/dev/net/tun";
constant DEV_NET_TUN_MAJOR (line 40) | const DEV_NET_TUN_MAJOR: u32 = 10;
constant DEV_NET_TUN_MINOR (line 41) | const DEV_NET_TUN_MINOR: u32 = 200;
constant DEV_URANDOM (line 45) | const DEV_URANDOM: &CStr = c"/dev/urandom";
constant DEV_URANDOM_MAJOR (line 46) | const DEV_URANDOM_MAJOR: u32 = 1;
constant DEV_URANDOM_MINOR (line 47) | const DEV_URANDOM_MINOR: u32 = 9;
constant DEV_UFFD_PATH (line 57) | const DEV_UFFD_PATH: &CStr = c"/dev/userfaultfd";
constant DEV_UFFD_MAJOR (line 58) | const DEV_UFFD_MAJOR: u32 = 10;
constant FOLDER_HIERARCHY (line 65) | const FOLDER_HIERARCHY: [&str; 4] = ["/", "/dev", "/dev/net", "/run"];
constant FOLDER_PERMISSIONS (line 66) | const FOLDER_PERMISSIONS: u32 = 0o700;
constant PID_FILE_EXTENSION (line 70) | const PID_FILE_EXTENSION: &str = ".pid";
function dup2 (line 73) | fn dup2(old_fd: libc::c_int, new_fd: libc::c_int) -> Result<(), JailerEr...
function clone (line 85) | fn clone(child_stack: *mut libc::c_void, flags: libc::c_int) -> Result<l...
type UserfaultfdParseError (line 108) | enum UserfaultfdParseError {
type Env (line 118) | pub struct Env {
method new (line 137) | pub fn new(
method chroot_dir (line 276) | pub fn chroot_dir(&self) -> &Path {
method gid (line 280) | pub fn gid(&self) -> u32 {
method uid (line 284) | pub fn uid(&self) -> u32 {
method validate_exec_file (line 288) | fn validate_exec_file(exec_file: &str) -> Result<(PathBuf, String), Ja...
method parse_resource_limits (line 307) | fn parse_resource_limits(
method exec_into_new_pid_ns (line 328) | fn exec_into_new_pid_ns(&mut self, chroot_exec_file: PathBuf) -> Resul...
method save_exec_file_pid (line 385) | fn save_exec_file_pid(
method get_userfaultfd_minor_dev_number (line 405) | fn get_userfaultfd_minor_dev_number() -> Result<u32, UserfaultfdParseE...
method mknod_and_own_dev (line 422) | fn mknod_and_own_dev(
method setup_jailed_folder (line 454) | fn setup_jailed_folder(&self, folder: impl AsRef<Path>) -> Result<(), ...
method copy_exec_to_chroot (line 468) | fn copy_exec_to_chroot(&mut self) -> Result<OsString, JailerError> {
method join_netns (line 520) | fn join_netns(path: &str) -> Result<(), JailerError> {
method exec_command (line 531) | fn exec_command(&self, chroot_exec_file: PathBuf) -> io::Error {
method copy_cache_info (line 550) | fn copy_cache_info(&self) -> Result<(), JailerError> {
method copy_midr_el1_info (line 614) | fn copy_midr_el1_info(&self) -> Result<(), JailerError> {
method run (line 641) | pub fn run(mut self) -> Result<(), JailerError> {
function get_pseudo_exec_file_path (line 790) | fn get_pseudo_exec_file_path() -> String {
type ArgVals (line 798) | struct ArgVals<'a> {
function new (line 813) | pub fn new(pseudo_exec_file_path: &'a str) -> ArgVals<'a> {
function make_args (line 833) | fn make_args(arg_vals: &ArgVals) -> Vec<String> {
function create_env (line 884) | fn create_env(mock_proc_mounts: &Path) -> Env {
function test_new_env (line 896) | fn test_new_env() {
function test_dup2 (line 1037) | fn test_dup2() {
function test_validate_exec_file (line 1047) | fn test_validate_exec_file() {
function test_setup_jailed_folder (line 1082) | fn test_setup_jailed_folder() {
function ensure_mknod_and_own_dev (line 1123) | fn ensure_mknod_and_own_dev(env: &Env, dev_path: &CStr, major: u32, mino...
function test_mknod_and_own_dev (line 1153) | fn test_mknod_and_own_dev() {
function test_userfaultfd_dev (line 1191) | fn test_userfaultfd_dev() {
function test_copy_exec_to_chroot (line 1204) | fn test_copy_exec_to_chroot() {
function test_join_netns (line 1261) | fn test_join_netns() {
function test_cgroups_parsing (line 1283) | fn test_cgroups_parsing() {
function test_parse_resource_limits (line 1359) | fn test_parse_resource_limits() {
function test_copy_cache_info (line 1425) | fn test_copy_cache_info() {
function test_save_exec_file_pid (line 1448) | fn test_save_exec_file_pid() {
FILE: src/jailer/src/main.rs
constant JAILER_VERSION (line 22) | const JAILER_VERSION: &str = env!("CARGO_PKG_VERSION");
type JailerError (line 25) | pub enum JailerError {
function build_arg_parser (line 159) | pub fn build_arg_parser() -> ArgParser<'static> {
function writeln_special (line 238) | pub fn writeln_special<T, V>(file_path: &T, value: V) -> Result<(), Jail...
function readln_special (line 247) | pub fn readln_special<T: AsRef<Path> + Debug>(file_path: &T) -> Result<S...
function close_fds_by_close_range (line 257) | fn close_fds_by_close_range() -> Result<(), JailerError> {
function close_inherited_fds (line 273) | fn close_inherited_fds() -> Result<(), JailerError> {
function sanitize_process (line 279) | fn sanitize_process() -> Result<(), JailerError> {
function clean_env_vars (line 289) | fn clean_env_vars() {
function to_cstring (line 304) | pub fn to_cstring<T: AsRef<Path> + Debug>(path: T) -> Result<CString, Ja...
function main (line 315) | fn main() -> Result<(), JailerError> {
function main_exec (line 325) | fn main_exec() -> Result<(), JailerError> {
function run_close_fds_test (line 374) | fn run_close_fds_test(test_fn: fn() -> Result<(), JailerError>) {
function test_fds_close_range (line 400) | fn test_fds_close_range() {
function test_sanitize_process (line 421) | fn test_sanitize_process() {
function test_clean_env_vars (line 426) | fn test_clean_env_vars() {
function test_to_cstring (line 448) | fn test_to_cstring() {
FILE: src/jailer/src/resource_limits.rs
constant NO_FILE (line 12) | const NO_FILE: u64 = 2048;
constant FSIZE_ARG (line 14) | pub(crate) const FSIZE_ARG: &str = "fsize";
constant NO_FILE_ARG (line 16) | pub(crate) const NO_FILE_ARG: &str = "no-file";
type Resource (line 19) | pub enum Resource {
function from (line 27) | fn from(resource: Resource) -> u32 {
function from (line 48) | fn from(resource: Resource) -> i32 {
method fmt (line 69) | fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result {
type ResourceLimits (line 78) | pub struct ResourceLimits {
method install (line 93) | pub fn install(self) -> Result<(), JailerError> {
method set_limit (line 104) | fn set_limit(resource: Resource, target: libc::rlim_t) -> Result<(), J...
method set_file_size (line 117) | pub fn set_file_size(&mut self, file_size: u64) {
method set_no_file (line 121) | pub fn set_no_file(&mut self, no_file: u64) {
method default (line 84) | fn default() -> Self {
function test_from_resource (line 133) | fn test_from_resource() {
function test_display_resource (line 142) | fn test_display_resource() {
function test_default_resource_limits (line 154) | fn test_default_resource_limits() {
function test_set_resource_limits (line 166) | fn test_set_resource_limits() {
function test_install (line 192) | fn test_install() {
FILE: src/log-instrument-macros/src/lib.rs
function instrument (line 16) | pub fn instrument(
FILE: src/log-instrument/examples/five.rs
function main (line 8) | fn main() {
type MyStruct (line 17) | struct MyStruct(Option<Vec<String>>);
method one (line 21) | fn one(&mut self) -> Option<&mut [String]> {
FILE: src/log-instrument/examples/four.rs
function main (line 6) | fn main() {
type MyStruct (line 15) | struct MyStruct(Option<Vec<String>>);
method one (line 19) | fn one(&mut self) -> Option<&mut [String]> {
FILE: src/log-instrument/examples/one.rs
function main (line 6) | fn main() {
function one (line 15) | fn one(x: u32) -> u32 {
FILE: src/log-instrument/examples/six.rs
function main (line 6) | fn main() {
function one (line 15) | fn one(x: u32) -> u32 {
function two (line 24) | fn two(x: u32) -> u32 {
FILE: src/log-instrument/examples/three.rs
function main (line 6) | fn main() {
function one (line 17) | fn one(x: &mut Option<Vec<String>>) -> Option<&mut [String]> {
FILE: src/log-instrument/examples/two.rs
function main (line 6) | fn main() {
function one (line 17) | fn one(x: &Option<Vec<String>>) -> Option<&[String]> {
FILE: src/log-instrument/src/lib.rs
type InnerPath (line 10) | type InnerPath = Mutex<HashMap<std::thread::ThreadId, Vec<&'static str>>>;
function path (line 12) | fn path() -> &'static InnerPath {
type __Instrument (line 17) | pub struct __Instrument;
method new (line 20) | pub fn new(s: &'static str) -> __Instrument {
method drop (line 44) | fn drop(&mut self) {
FILE: src/pci/src/lib.rs
type PciInterruptPin (line 21) | pub enum PciInterruptPin {
method to_mask (line 29) | pub fn to_mask(self) -> u32 {
type PciBdf (line 35) | pub struct PciBdf(u32);
method deserialize (line 55) | fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
method serialize (line 64) | fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
method segment (line 73) | pub fn segment(&self) -> u16 {
method bus (line 77) | pub fn bus(&self) -> u8 {
method device (line 81) | pub fn device(&self) -> u8 {
method function (line 85) | pub fn function(&self) -> u8 {
method new (line 89) | pub fn new(segment: u16, bus: u8, device: u8, function: u8) -> Self {
method from (line 100) | fn from(bdf: u32) -> Self {
type PciBdfVisitor (line 37) | struct PciBdfVisitor;
type Value (line 40) | type Value = PciBdf;
method expecting (line 42) | fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
method visit_str (line 46) | fn visit_str<E>(self, v: &str) -> Result<Self::Value, E>
function from (line 106) | fn from(bdf: PciBdf) -> Self {
function from (line 112) | fn from(bdf: &PciBdf) -> Self {
function from (line 118) | fn from(bdf: PciBdf) -> Self {
function from (line 124) | fn from(bdf: &PciBdf) -> Self {
method fmt (line 130) | fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
method fmt (line 143) | fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
type PciBdfParseError (line 157) | pub enum PciBdfParseError {
type Err (line 165) | type Err = PciBdfParseError;
method from_str (line 167) | fn from_str(s: &str) -> Result<Self, Self::Err> {
type PciHeaderType (line 186) | pub enum PciHeaderType {
type PciClassCode (line 194) | pub enum PciClassCode {
method get_register_value (line 216) | pub fn get_register_value(self) -> u8 {
type PciSubclass (line 223) | pub trait PciSubclass {
method get_register_value (line 225) | fn get_register_value(&self) -> u8;
method get_register_value (line 240) | fn get_register_value(&self) -> u8 {
method get_register_value (line 264) | fn get_register_value(&self) -> u8 {
method get_register_value (line 280) | fn get_register_value(&self) -> u8 {
method get_register_value (line 302) | fn get_register_value(&self) -> u8 {
method get_register_value (line 324) | fn get_register_value(&self) -> u8 {
type PciMultimediaSubclass (line 231) | pub enum PciMultimediaSubclass {
type PciBridgeSubclass (line 248) | pub enum PciBridgeSubclass {
type PciSerialBusSubClass (line 272) | pub enum PciSerialBusSubClass {
type PciMassStorageSubclass (line 288) | pub enum PciMassStorageSubclass {
type PciNetworkControllerSubclass (line 310) | pub enum PciNetworkControllerSubclass {
type PciCapabilityId (line 334) | pub enum PciCapabilityId {
method from (line 359) | fn from(c: u8) -> Self {
type PciExpressCapabilityId (line 391) | pub enum PciExpressCapabilityId {
method from (line 444) | fn from(c: u16) -> Self {
type PciBarRegionType (line 501) | pub enum PciBarRegionType {
type PciBarPrefetchable (line 508) | pub enum PciBarPrefetchable {
function from (line 514) | fn from(val: PciBarPrefetchable) -> Self {
function test_pci_bdf_new (line 527) | fn test_pci_bdf_new() {
function test_pci_bdf_from_u32 (line 536) | fn test_pci_bdf_from_u32() {
function test_pci_bdf_to_u32 (line 545) | fn test_pci_bdf_to_u32() {
function test_pci_bdf_to_u16 (line 552) | fn test_pci_bdf_to_u16() {
function test_pci_bdf_from_str_valid (line 559) | fn test_pci_bdf_from_str_valid() {
function test_pci_bdf_from_str_zero (line 568) | fn test_pci_bdf_from_str_zero() {
function test_pci_bdf_from_str_invalid_format (line 577) | fn test_pci_bdf_from_str_invalid_format() {
function test_pci_bdf_from_str_invalid_hex (line 593) | fn test_pci_bdf_from_str_invalid_hex() {
function test_pci_bdf_display (line 613) | fn test_pci_bdf_display() {
function test_pci_bdf_debug (line 619) | fn test_pci_bdf_debug() {
function test_pci_bdf_partial_eq (line 625) | fn test_pci_bdf_partial_eq() {
function test_pci_bdf_partial_ord (line 634) | fn test_pci_bdf_partial_ord() {
function test_pci_bdf_deserialize_ok (line 641) | fn test_pci_bdf_deserialize_ok() {
function test_pci_bdf_deserialize_invalid (line 651) | fn test_pci_bdf_deserialize_invalid() {
function test_pci_bdf_serialize (line 660) | fn test_pci_bdf_serialize() {
FILE: src/rebase-snap/src/main.rs
constant REBASE_SNAP_VERSION (line 12) | const REBASE_SNAP_VERSION: &str = env!("CARGO_PKG_VERSION");
constant BASE_FILE (line 13) | const BASE_FILE: &str = "base-file";
constant DIFF_FILE (line 14) | const DIFF_FILE: &str = "diff-file";
constant DEPRECATION_MSG (line 15) | const DEPRECATION_MSG: &str = "This tool is deprecated and will be remov...
type FileError (line 19) | enum FileError {
type RebaseSnapError (line 37) | enum RebaseSnapError {
function build_arg_parser (line 46) | fn build_arg_parser<'a>() -> ArgParser<'a> {
function get_files (line 62) | fn get_files(args: &Arguments) -> Result<(File, File), FileError> {
function rebase (line 81) | fn rebase(base_file: &mut File, diff_file: &mut File) -> Result<(), File...
function main (line 116) | fn main() -> Result<(), RebaseSnapError> {
function main_exec (line 126) | fn main_exec() -> Result<(), RebaseSnapError> {
function test_parse_args (line 178) | fn test_parse_args() {
function check_file_content (line 240) | fn check_file_content(file: &mut File, expected_content: &[u8]) {
function test_rebase_corner_cases (line 247) | fn test_rebase_corner_cases() {
function test_rebase (line 275) | fn test_rebase() {
FILE: src/seccompiler/build.rs
function main (line 4) | fn main() {
FILE: src/seccompiler/src/bin.rs
constant DEFAULT_OUTPUT_FILENAME (line 7) | const DEFAULT_OUTPUT_FILENAME: &str = "seccomp_binary_filter.out";
type Cli (line 11) | struct Cli {
function main (line 38) | fn main() -> Result<(), CompilationError> {
FILE: src/seccompiler/src/bindings.rs
constant MINUS_EEXIST (line 13) | pub const MINUS_EEXIST: i32 = -libc::EEXIST;
type scmp_filter_ctx (line 16) | pub type scmp_filter_ctx = *mut c_void;
type const_scmp_filter_ctx (line 18) | pub type const_scmp_filter_ctx = *const c_void;
type scmp_compare (line 23) | pub enum scmp_compare {
type scmp_datum_t (line 43) | pub type scmp_datum_t = u64;
type scmp_arg_cmp (line 48) | pub struct scmp_arg_cmp {
constant SCMP_ARCH_X86_64 (line 57) | pub const SCMP_ARCH_X86_64: u32 = 0xc000003e;
constant SCMP_ARCH_AARCH64 (line 58) | pub const SCMP_ARCH_AARCH64: u32 = 0xc00000b7;
constant SCMP_ACT_KILL_PROCESS (line 60) | pub const SCMP_ACT_KILL_PROCESS: u32 = 0x80000000;
constant SCMP_ACT_KILL_THREAD (line 62) | pub const SCMP_ACT_KILL_THREAD: u32 = 0x00000000;
constant SCMP_ACT_TRAP (line 64) | pub const SCMP_ACT_TRAP: u32 = 0x00030000;
constant SCMP_ACT_ERRNO_MASK (line 66) | pub const SCMP_ACT_ERRNO_MASK: u32 = 0x00050000;
function SCMP_ACT_ERRNO (line 69) | pub const fn SCMP_ACT_ERRNO(x: u16) -> u32 {
constant SCMP_ACT_TRACE_MASK (line 72) | pub const SCMP_ACT_TRACE_MASK: u32 = 0x7ff00000;
function SCMP_ACT_TRACE (line 75) | pub const fn SCMP_ACT_TRACE(x: u16) -> u32 {
constant SCMP_ACT_LOG (line 79) | pub const SCMP_ACT_LOG: u32 = 0x7ffc0000;
constant SCMP_ACT_ALLOW (line 81) | pub const SCMP_ACT_ALLOW: u32 = 0x7fff0000;
function seccomp_init (line 92) | pub safe fn seccomp_init(def_action: u32) -> scmp_filter_ctx;
function seccomp_arch_add (line 105) | pub fn seccomp_arch_add(ctx: scmp_filter_ctx, arch_token: u32) -> c_int;
function seccomp_syscall_resolve_name (line 114) | pub fn seccomp_syscall_resolve_name(name: *const c_char) -> c_int;
function seccomp_rule_add (line 130) | pub fn seccomp_rule_add(
function seccomp_rule_add_array (line 152) | pub fn seccomp_rule_add_array(
function seccomp_export_bpf (line 167) | pub fn seccomp_export_bpf(ctx: const_scmp_filter_ctx, fd: c_int) -> c_int;
constant __NR_SCMP_ERROR (line 171) | pub const __NR_SCMP_ERROR: c_int = -1;
FILE: src/seccompiler/src/lib.rs
constant DESERIALIZATION_BYTES_LIMIT (line 23) | const DESERIALIZATION_BYTES_LIMIT: usize = 100_000;
type CompilationError (line 27) | pub enum CompilationError {
function compile_bpf (line 60) | pub fn compile_bpf(
FILE: src/seccompiler/src/types.rs
type SeccompCmpOp (line 16) | pub enum SeccompCmpOp {
type SeccompCmpArgLen (line 29) | pub enum SeccompCmpArgLen {
type SeccompCondition (line 38) | pub struct SeccompCondition {
method to_scmp_type (line 47) | pub fn to_scmp_type(&self) -> scmp_arg_cmp {
type SeccompAction (line 120) | pub enum SeccompAction {
method to_scmp_type (line 131) | pub fn to_scmp_type(&self) -> u32 {
type SyscallRule (line 150) | pub struct SyscallRule {
type Filter (line 157) | pub struct Filter {
type BpfJson (line 165) | pub struct BpfJson(pub BTreeMap<String, Filter>);
type TargetArch (line 169) | pub enum TargetArch {
method to_scmp_type (line 175) | pub fn to_scmp_type(&self) -> u32 {
type Err (line 184) | type Err = String;
method from_str (line 185) | fn from_str(s: &str) -> Result<Self, Self::Err> {
FILE: src/snapshot-editor/src/edit_memory.rs
type EditMemoryError (line 14) | pub enum EditMemoryError {
type EditMemorySubCommand (line 32) | pub enum EditMemorySubCommand {
function edit_memory_command (line 44) | pub fn edit_memory_command(command: EditMemorySubCommand) -> Result<(), ...
function rebase (line 54) | fn rebase(memory_path: PathBuf, diff_path: PathBuf) -> Result<(), EditMe...
function check_file_content (line 115) | fn check_file_content(file: &File, expected_content: &[u8]) {
function test_rebase_empty_files (line 126) | fn test_rebase_empty_files() {
function test_rebase_empty_diff (line 141) | fn test_rebase_empty_diff() {
function test_rebase_full_diff (line 163) | fn test_rebase_full_diff() {
function test_rebase (line 181) | fn test_rebase() {
FILE: src/snapshot-editor/src/edit_vmstate.rs
type EditVmStateError (line 14) | pub enum EditVmStateError {
type EditVmStateSubCommand (line 20) | pub enum EditVmStateSubCommand {
function edit_vmstate_command (line 36) | pub fn edit_vmstate_command(command: EditVmStateSubCommand) -> Result<()...
function edit (line 49) | fn edit(
function remove_regs (line 60) | fn remove_regs(
function test_remove_regs (line 96) | fn test_remove_regs() {
function test_remove_non_existed_regs (line 155) | fn test_remove_non_existed_regs() {
FILE: src/snapshot-editor/src/info.rs
type InfoVmStateError (line 13) | pub enum InfoVmStateError {
type InfoVmStateSubCommand (line 19) | pub enum InfoVmStateSubCommand {
function info_vmstate_command (line 40) | pub fn info_vmstate_command(command: InfoVmStateSubCommand) -> Result<()...
function info (line 51) | fn info(
function info_version (line 60) | fn info_version(snapshot: &Snapshot<MicrovmState>) -> Result<(), InfoVmS...
function info_vcpu_states (line 65) | fn info_vcpu_states(snapshot: &Snapshot<MicrovmState>) -> Result<(), Inf...
function info_vmstate (line 73) | fn info_vmstate(snapshot: &Snapshot<MicrovmState>) -> Result<(), InfoVmS...
FILE: src/snapshot-editor/src/main.rs
type SnapEditorError (line 18) | enum SnapEditorError {
type Cli (line 30) | struct Cli {
type Command (line 36) | enum Command {
function main_exec (line 46) | fn main_exec() -> Result<(), SnapEditorError> {
function main (line 59) | fn main() -> Result<(), SnapEditorError> {
FILE: src/snapshot-editor/src/utils.rs
type UtilsError (line 13) | pub enum UtilsError {
function open_vmstate (line 25) | pub fn open_vmstate(snapshot_path: &PathBuf) -> Result<Snapshot<MicrovmS...
function save_vmstate (line 32) | pub fn save_vmstate(microvm_state: MicrovmState, output_path: &PathBuf) ...
FILE: src/utils/src/arg_parser.rs
type Result (line 7) | pub type Result<T> = result::Result<T, UtilsArgParserError>;
constant ARG_PREFIX (line 9) | const ARG_PREFIX: &str = "--";
constant ARG_SEPARATOR (line 10) | const ARG_SEPARATOR: &str = "--";
constant HELP_ARG (line 11) | const HELP_ARG: &str = "--help";
constant SHORT_HELP_ARG (line 12) | const SHORT_HELP_ARG: &str = "-h";
constant VERSION_ARG (line 13) | const VERSION_ARG: &str = "--version";
type UtilsArgParserError (line 17) | pub enum UtilsArgParserError {
type ArgParser (line 32) | pub struct ArgParser<'a> {
function new (line 38) | pub fn new() -> Self {
function arg (line 43) | pub fn arg(mut self, argument: Argument<'a>) -> Self {
function parse_from_cmdline (line 49) | pub fn parse_from_cmdline(&mut self) -> Result<()> {
function formatted_help (line 56) | pub fn formatted_help(&self) -> String {
function arguments (line 80) | pub fn arguments(&self) -> &Arguments<'_> {
function format_arguments (line 86) | fn format_arguments(&self, is_required: bool) -> String {
type Argument (line 110) | pub struct Argument<'a> {
function new (line 124) | pub fn new(name: &'a str) -> Argument<'a> {
function required (line 139) | pub fn required(mut self, required: bool) -> Self {
function requires (line 145) | pub fn requires(mut self, other_arg: &'a str) -> Self {
function forbids (line 151) | pub fn forbids(mut self, args: Vec<&'a str>) -> Self {
function takes_value (line 158) | pub fn takes_value(mut self, takes_value: bool) -> Self {
function allow_multiple (line 166) | pub fn allow_multiple(mut self, allow_multiple: bool) -> Self {
function default_value (line 176) | pub fn default_value(mut self, default_value: &'a str) -> Self {
function help (line 183) | pub fn help(mut self, help: &'a str) -> Self {
function format_help (line 188) | fn format_help(&self, arg_width: usize) -> String {
function format_name (line 211) | fn format_name(&self) -> String {
type Value (line 222) | pub enum Value {
method as_single_value (line 229) | fn as_single_value(&self) -> Option<&String> {
method as_flag (line 236) | fn as_flag(&self) -> bool {
method as_multiple (line 240) | fn as_multiple(&self) -> Option<&[String]> {
method fmt (line 249) | fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
type Arguments (line 260) | pub struct Arguments<'a> {
function insert_arg (line 269) | fn insert_arg(&mut self, argument: Argument<'a>) {
function value_of (line 274) | fn value_of(&self, arg_name: &'static str) -> Option<&Value> {
function single_value (line 285) | pub fn single_value(&self, arg_name: &'static str) -> Option<&String> {
function flag_present (line 291) | pub fn flag_present(&self, arg_name: &'static str) -> bool {
function multiple_values (line 300) | pub fn multiple_values(&self, arg_name: &'static str) -> Option<&[String...
function extra_args (line 306) | pub fn extra_args(&self) -> Vec<String> {
function split_args (line 312) | fn split_args(args: &[String]) -> (&[String], &[String]) {
function parse_from_cmdline (line 321) | pub fn parse_from_cmdline(&mut self) -> Result<()> {
function parse (line 329) | pub fn parse(&mut self, args: &[String]) -> Result<()> {
function validate_requirements (line 360) | fn validate_requirements(&self, args: &[String]) -> Result<()> {
function validate_arg (line 391) | fn validate_arg(&self, arg: &str) -> Result<()> {
function populate_args (line 412) | fn populate_args(&mut self, args: &[String]) -> Result<()> {
function build_arg_parser (line 467) | fn build_arg_parser() -> ArgParser<'static> {
function test_arg_help (line 517) | fn test_arg_help() {
function test_arg_parser_help (line 583) | fn test_arg_parser_help() {
function test_value (line 626) | fn test_value() {
function test_parse (line 640) | fn test_parse() {
function test_split (line 957) | fn test_split() {
function test_error_display (line 984) | fn test_error_display() {
function test_value_display (line 1020) | fn test_value_display() {
function test_allow_multiple (line 1026) | fn test_allow_multiple() {
FILE: src/utils/src/time.rs
constant NANOS_PER_SECOND (line 11) | pub const NANOS_PER_SECOND: u64 = 1_000_000_000;
constant NANOS_PER_MILLISECOND (line 13) | pub const NANOS_PER_MILLISECOND: u64 = 1_000_000;
type ClockType (line 17) | pub enum ClockType {
function from (line 29) | fn from(clock_type: ClockType) -> Self {
type LocalTime (line 41) | pub struct LocalTime {
method now (line 60) | pub fn now() -> LocalTime {
method fmt (line 98) | fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
type TimestampUs (line 115) | pub struct TimestampUs {
method default (line 123) | fn default() -> TimestampUs {
function timestamp_cycles (line 134) | pub fn timestamp_cycles() -> u64 {
function get_time_ns (line 151) | pub fn get_time_ns(clock_type: ClockType) -> u64 {
function get_time_us (line 168) | pub fn get_time_us(clock_type: ClockType) -> u64 {
function get_time_ms (line 177) | pub fn get_time_ms(clock_type: ClockType) -> u64 {
function seconds_to_nanoseconds (line 187) | pub fn seconds_to_nanoseconds(value: i64) -> Option<i64> {
type TimerFd (line 193) | pub struct TimerFd(File);
method new (line 198) | pub fn new() -> Self {
method arm (line 217) | pub fn arm(&mut self, duration: Duration, interval: Option<Duration>) {
method read (line 247) | pub fn read(&mut self) -> u64 {
method is_armed (line 257) | pub fn is_armed(&self) -> bool {
method as_raw_fd (line 272) | fn as_raw_fd(&self) -> RawFd {
function test_get_time (line 282) | fn test_get_time() {
function test_local_time_display (line 304) | fn test_local_time_display() {
function test_seconds_to_nanoseconds (line 338) | fn test_seconds_to_nanoseconds() {
FILE: src/utils/src/validators.rs
constant MAX_INSTANCE_ID_LEN (line 6) | const MAX_INSTANCE_ID_LEN: usize = 64;
constant MIN_INSTANCE_ID_LEN (line 7) | const MIN_INSTANCE_ID_LEN: usize = 1;
type ValidatorError (line 10) | pub enum ValidatorError {
function validate_instance_id (line 19) | pub fn validate_instance_id(input: &str) -> Result<(), ValidatorError> {
function test_validate_instance_id (line 40) | fn test_validate_instance_id() {
FILE: src/vmm/benches/block_request.rs
function block_request_benchmark (line 16) | pub fn block_request_benchmark(c: &mut Criterion) {
FILE: src/vmm/benches/cpu_templates.rs
function bench_serialize_cpu_template (line 15) | pub fn bench_serialize_cpu_template(cpu_template: &CustomCpuTemplate) {
function bench_deserialize_cpu_template (line 20) | pub fn bench_deserialize_cpu_template(cpu_template_str: &str) {
function cpu_template_benchmark (line 24) | pub fn cpu_template_benchmark(c: &mut Criterion) {
FILE: src/vmm/benches/memory_access.rs
function bench_single_page_fault (line 10) | fn bench_single_page_fault(c: &mut Criterion, configuration: VmResources) {
function bench_4k_page_fault (line 33) | pub fn bench_4k_page_fault(c: &mut Criterion) {
function bench_2m_page_fault (line 47) | pub fn bench_2m_page_fault(c: &mut Criterion) {
FILE: src/vmm/benches/queue.rs
function set_dtable_one_chain (line 24) | fn set_dtable_one_chain(rxq: &VirtQueue, n: usize) {
function set_dtable_many_chains (line 45) | fn set_dtable_many_chains(rxq: &VirtQueue, n: usize) {
function queue_benchmark (line 59) | pub fn queue_benchmark(c: &mut Criterion) {
FILE: src/vmm/src/acpi/mod.rs
constant OEM_ID (line 23) | const OEM_ID: [u8; 6] = *b"FIRECK";
constant OEM_REVISION (line 27) | const OEM_REVISION: u32 = 0;
constant HYPERVISOR_VENDOR_ID (line 31) | const HYPERVISOR_VENDOR_ID: [u8; 8] = *b"FIRECKVM";
type AcpiError (line 35) | pub enum AcpiError {
type AcpiTableWriter (line 46) | struct AcpiTableWriter<'a> {
function write_acpi_table (line 55) | fn write_acpi_table<S>(
function build_dsdt (line 83) | fn build_dsdt(
function build_fadt (line 112) | fn build_fadt(
function build_madt (line 130) | fn build_madt(
function build_xsdt (line 148) | fn build_xsdt(
function build_mcfg (line 165) | fn build_mcfg(
function build_rsdp (line 179) | fn build_rsdp(&mut self, xsdt_addr: u64) -> Result<(), AcpiError> {
function create_acpi_tables (line 197) | pub(crate) fn create_acpi_tables(
type MockSdt (line 225) | struct MockSdt(Vec<u8>);
method len (line 228) | fn len(&self) -> usize {
method write_to_guest (line 232) | fn write_to_guest<M: vm_memory::GuestMemory>(
function test_write_acpi_table_memory_allocation (line 246) | fn test_write_acpi_table_memory_allocation() {
function test_write_acpi_table_small_memory (line 311) | fn test_write_acpi_table_small_memory() {
FILE: src/vmm/src/acpi/x86_64.rs
function setup_interrupt_controllers (line 16) | pub(crate) fn setup_interrupt_controllers(nr_vcpus: u8) -> Vec<u8> {
function setup_arch_fadt (line 28) | pub(crate) fn setup_arch_fadt(fadt: &mut Fadt) {
function setup_arch_dsdt (line 37) | pub(crate) fn setup_arch_dsdt(dsdt_data: &mut Vec<u8>) -> Result<(), aml...
function apic_addr (line 41) | pub(crate) const fn apic_addr() -> u32 {
function rsdp_addr (line 45) | pub(crate) const fn rsdp_addr() -> GuestAddress {
FILE: src/vmm/src/arch/aarch64/cache_info.rs
constant MAX_CACHE_LEVEL (line 10) | const MAX_CACHE_LEVEL: u8 = 7;
type CacheInfoError (line 13) | pub(crate) enum CacheInfoError {
type CacheEngine (line 26) | struct CacheEngine {
method new (line 342) | fn new(map: &HashMap<String, String>) -> Self {
type CacheStore (line 30) | trait CacheStore: std::fmt::Debug {
method get_by_key (line 31) | fn get_by_key(&self, index: u8, file_name: &str) -> Result<String, Cac...
method get_by_key (line 65) | fn get_by_key(&self, index: u8, file_name: &str) -> Result<String, Cac...
method get_by_key (line 352) | fn get_by_key(&self, index: u8, file_name: &str) -> Result<String, Cac...
type CacheEntry (line 35) | pub(crate) struct CacheEntry {
method from_index (line 76) | fn from_index(index: u8, store: &dyn CacheStore) -> Result<CacheEntry,...
type HostCacheStore (line 49) | struct HostCacheStore {
method default (line 55) | fn default() -> Self {
method default (line 143) | fn default() -> Self {
type CacheType (line 157) | pub(crate) enum CacheType {
method try_from (line 164) | fn try_from(string: &str) -> Result<Self, CacheInfoError> {
method of_cache_size (line 177) | pub fn of_cache_size(&self) -> &str {
method of_cache_line_size (line 185) | pub fn of_cache_line_size(&self) -> &str {
method of_cache_type (line 193) | pub fn of_cache_type(&self) -> Option<&'static str> {
method of_cache_sets (line 201) | pub fn of_cache_sets(&self) -> &str {
function readln_special (line 211) | fn readln_special<T: AsRef<Path>>(file_path: &T) -> Result<String, Cache...
function to_bytes (line 216) | fn to_bytes(cache_size_pretty: &mut String) -> Result<u32, CacheInfoErro...
function mask_str2bit_count (line 244) | fn mask_str2bit_count(mask_str: &str) -> Result<u16, CacheInfoError> {
function append_cache_level (line 271) | fn append_cache_level(
function read_cache_config (line 283) | pub(crate) fn read_cache_config(
type MockCacheStore (line 327) | struct MockCacheStore {
method default (line 332) | fn default() -> Self {
function create_default_store (line 364) | fn create_default_store() -> HashMap<String, String> {
function test_mask_str2bit_count (line 376) | fn test_mask_str2bit_count() {
function test_to_bytes (line 396) | fn test_to_bytes() {
function test_cache_level (line 424) | fn test_cache_level() {
function test_cache_shared_cpu_map (line 461) | fn test_cache_shared_cpu_map() {
function test_cache_coherency (line 496) | fn test_cache_coherency() {
function test_cache_size (line 521) | fn test_cache_size() {
function test_cache_no_sets (line 550) | fn test_cache_no_sets() {
function test_sysfs_read_caches (line 571) | fn test_sysfs_read_caches() {
FILE: src/vmm/src/arch/aarch64/fdt.rs
constant GIC_PHANDLE (line 29) | const GIC_PHANDLE: u32 = 1;
constant CLOCK_PHANDLE (line 31) | const CLOCK_PHANDLE: u32 = 2;
constant MSI_PHANDLE (line 33) | const MSI_PHANDLE: u32 = 3;
constant LAST_CACHE_PHANDLE (line 39) | const LAST_CACHE_PHANDLE: u32 = 4000;
constant ADDRESS_CELLS (line 41) | const ADDRESS_CELLS: u32 = 0x2;
constant SIZE_CELLS (line 42) | const SIZE_CELLS: u32 = 0x2;
constant GIC_FDT_IRQ_TYPE_SPI (line 47) | const GIC_FDT_IRQ_TYPE_SPI: u32 = 0;
constant GIC_FDT_IRQ_TYPE_PPI (line 48) | const GIC_FDT_IRQ_TYPE_PPI: u32 = 1;
constant IRQ_TYPE_EDGE_RISING (line 51) | const IRQ_TYPE_EDGE_RISING: u32 = 1;
constant IRQ_TYPE_LEVEL_HI (line 52) | const IRQ_TYPE_LEVEL_HI: u32 = 4;
type FdtError (line 56) | pub enum FdtError {
function create_fdt (line 67) | pub fn create_fdt(
function create_cpu_nodes (line 113) | fn create_cpu_nodes(fdt: &mut FdtWriter, vcpu_mpidr: &[u64]) -> Result<(...
function create_memory_node (line 220) | fn create_memory_node(fdt: &mut FdtWriter, guest_mem: &GuestMemoryMmap) ...
function create_chosen_node (line 254) | fn create_chosen_node(
function create_vmgenid_node (line 280) | fn create_vmgenid_node(fdt: &mut FdtWriter, vmgenid: &VmGenId) -> Result...
function create_vmclock_node (line 292) | fn create_vmclock_node(fdt: &mut FdtWriter, vmclock: &VmClock) -> Result...
function create_gic_node (line 304) | fn create_gic_node(fdt: &mut FdtWriter, gic_device: &GICDevice) -> Resul...
function create_clock_node (line 340) | fn create_clock_node(fdt: &mut FdtWriter) -> Result<(), FdtError> {
function create_timer_node (line 355) | fn create_timer_node(fdt: &mut FdtWriter) -> Result<(), FdtError> {
function create_psci_node (line 377) | fn create_psci_node(fdt: &mut FdtWriter) -> Result<(), FdtError> {
function create_virtio_node (line 391) | fn create_virtio_node(fdt: &mut FdtWriter, dev_info: &MMIODeviceInfo) ->...
function create_serial_node (line 414) | fn create_serial_node(fdt: &mut FdtWriter, dev_info: &MMIODeviceInfo) ->...
function create_rtc_node (line 434) | fn create_rtc_node(fdt: &mut FdtWriter, dev_info: &MMIODeviceInfo) -> Re...
function create_devices_node (line 451) | fn create_devices_node(
function create_pci_nodes (line 474) | fn create_pci_nodes(fdt: &mut FdtWriter, pci_devices: &PciDevices) -> Re...
function set_size (line 567) | fn set_size(buf: &mut [u8], pos: usize, val: u32) {
function test_create_fdt_with_devices (line 575) | fn test_create_fdt_with_devices() {
function test_create_fdt (line 613) | fn test_create_fdt() {
function test_create_fdt_with_initrd (line 670) | fn test_create_fdt_with_initrd() {
FILE: src/vmm/src/arch/aarch64/gic/gicv2/mod.rs
type GICv2 (line 12) | pub struct GICv2(super::GIC);
type Target (line 15) | type Target = super::GIC;
method deref (line 17) | fn deref(&self) -> &Self::Target {
constant KVM_VGIC_V2_DIST_SIZE (line 25) | const KVM_VGIC_V2_DIST_SIZE: u64 = 0x1000;
constant KVM_VGIC_V2_CPU_SIZE (line 26) | const KVM_VGIC_V2_CPU_SIZE: u64 = 0x2000;
constant ARCH_GIC_V2_MAINT_IRQ (line 29) | const ARCH_GIC_V2_MAINT_IRQ: u32 = 8;
method get_dist_addr (line 32) | const fn get_dist_addr() -> u64 {
method get_dist_size (line 37) | const fn get_dist_size() -> u64 {
method get_cpu_addr (line 42) | const fn get_cpu_addr() -> u64 {
method get_cpu_size (line 47) | const fn get_cpu_size() -> u64 {
constant VERSION (line 51) | pub const VERSION: u32 = kvm_bindings::kvm_device_type_KVM_DEV_TYPE_AR...
method fdt_compatibility (line 53) | pub fn fdt_compatibility(&self) -> &str {
method fdt_maint_irq (line 57) | pub fn fdt_maint_irq(&self) -> u32 {
method create_device (line 62) | pub fn create_device(fd: DeviceFd, vcpu_count: u64) -> Self {
method save_device (line 77) | pub fn save_device(&self, mpidrs: &[u64]) -> Result<GicState, GicError> {
method restore_device (line 81) | pub fn restore_device(&self, mpidrs: &[u64], state: &GicState) -> Resu...
method init_device_attributes (line 85) | pub fn init_device_attributes(gic_device: &Self) -> Result<(), GicErro...
method init_device (line 109) | pub fn init_device(vm: &VmFd) -> Result<DeviceFd, GicError> {
method create (line 121) | pub fn create(vm: &VmFd, vcpu_count: u64) -> Result<Self, GicError> {
method finalize_device (line 134) | pub fn finalize_device(gic_device: &Self) -> Result<(), GicError> {
method set_device_attribute (line 164) | pub fn set_device_attribute(
FILE: src/vmm/src/arch/aarch64/gic/gicv2/regs/dist_regs.rs
constant GICD_CTLR (line 17) | const GICD_CTLR: DistReg = DistReg::simple(0x0, 4);
constant GICD_IGROUPR (line 18) | const GICD_IGROUPR: DistReg = DistReg::shared_irq(0x0080, 1);
constant GICD_ISENABLER (line 19) | const GICD_ISENABLER: DistReg = DistReg::shared_irq(0x0100, 1);
constant GICD_ICENABLER (line 20) | const GICD_ICENABLER: DistReg = DistReg::shared_irq(0x0180, 1);
constant GICD_ISPENDR (line 21) | const GICD_ISPENDR: DistReg = DistReg::shared_irq(0x0200, 1);
constant GICD_ICPENDR (line 22) | const GICD_ICPENDR: DistReg = DistReg::shared_irq(0x0280, 1);
constant GICD_ISACTIVER (line 23) | const GICD_ISACTIVER: DistReg = DistReg::shared_irq(0x0300, 1);
constant GICD_ICACTIVER (line 24) | const GICD_ICACTIVER: DistReg = DistReg::shared_irq(0x0380, 1);
constant GICD_IPRIORITYR (line 25) | const GICD_IPRIORITYR: DistReg = DistReg::shared_irq(0x0400, 8);
constant GICD_ICFGR (line 26) | const GICD_ICFGR: DistReg = DistReg::shared_irq(0x0C00, 2);
constant GICD_CPENDSGIR (line 27) | const GICD_CPENDSGIR: DistReg = DistReg::simple(0xF10, 16);
constant GICD_SPENDSGIR (line 28) | const GICD_SPENDSGIR: DistReg = DistReg::simple(0xF20, 16);
type SharedIrqReg (line 52) | pub struct SharedIrqReg {
method range (line 60) | fn range(&self) -> Range<u64> {
type DistReg (line 77) | enum DistReg {
method simple (line 83) | const fn simple(offset: u64, size: u16) -> DistReg {
method shared_irq (line 87) | const fn shared_irq(offset: u64, bits_per_irq: u8) -> DistReg {
method range (line 96) | fn range(&self) -> Range<u64> {
type DistRegEngine (line 104) | struct DistRegEngine {}
type Reg (line 107) | type Reg = DistReg;
type RegChunk (line 108) | type RegChunk = u32;
method group (line 110) | fn group() -> u32 {
method mpidr_mask (line 114) | fn mpidr_mask() -> u64 {
function get_dist_regs (line 119) | pub(crate) fn get_dist_regs(fd: &DeviceFd) -> Result<Vec<GicRegState<u32...
function set_dist_regs (line 123) | pub(crate) fn set_dist_regs(fd: &DeviceFd, state: &[GicRegState<u32>]) -...
function test_access_dist_regs (line 139) | fn test_access_dist_regs() {
FILE: src/vmm/src/arch/aarch64/gic/gicv2/regs/icc_regs.rs
constant GICC_CTLR (line 17) | const GICC_CTLR: SimpleReg = SimpleReg::new(0x0, 4);
constant GICC_PMR (line 18) | const GICC_PMR: SimpleReg = SimpleReg::new(0x04, 4);
constant GICC_BPR (line 19) | const GICC_BPR: SimpleReg = SimpleReg::new(0x08, 4);
constant GICC_APBR (line 20) | const GICC_APBR: SimpleReg = SimpleReg::new(0x001C, 4);
constant GICC_APR1 (line 21) | const GICC_APR1: SimpleReg = SimpleReg::new(0x00D0, 4);
constant GICC_APR2 (line 22) | const GICC_APR2: SimpleReg = SimpleReg::new(0x00D4, 4);
constant GICC_APR3 (line 23) | const GICC_APR3: SimpleReg = SimpleReg::new(0x00D8, 4);
constant GICC_APR4 (line 24) | const GICC_APR4: SimpleReg = SimpleReg::new(0x00DC, 4);
constant KVM_DEV_ARM_VGIC_CPUID_SHIFT (line 30) | const KVM_DEV_ARM_VGIC_CPUID_SHIFT: u32 = 32;
constant KVM_DEV_ARM_VGIC_OFFSET_SHIFT (line 31) | const KVM_DEV_ARM_VGIC_OFFSET_SHIFT: u32 = 0;
type VgicSysRegEngine (line 33) | struct VgicSysRegEngine {}
type Reg (line 36) | type Reg = SimpleReg;
type RegChunk (line 37) | type RegChunk = u64;
method group (line 39) | fn group() -> u32 {
method kvm_device_attr (line 43) | fn kvm_device_attr(offset: u64, val: &mut Self::RegChunk, cpuid: u64) ->...
function get_icc_regs (line 56) | pub(crate) fn get_icc_regs(fd: &DeviceFd, mpidr: u64) -> Result<VgicSysR...
function set_icc_regs (line 66) | pub(crate) fn set_icc_regs(
function test_access_icc_regs (line 92) | fn test_access_icc_regs() {
FILE: src/vmm/src/arch/aarch64/gic/gicv2/regs/mod.rs
function save_state (line 13) | pub fn save_state(fd: &DeviceFd, mpidrs: &[u64]) -> Result<GicState, Gic...
function restore_state (line 30) | pub fn restore_state(fd: &DeviceFd, mpidrs: &[u64], state: &GicState) ->...
function test_vm_save_restore_state (line 53) | fn test_vm_save_restore_state() {
FILE: src/vmm/src/arch/aarch64/gic/gicv3/mod.rs
type GICv3 (line 11) | pub struct GICv3(super::GIC);
type Target (line 14) | type Target = super::GIC;
method deref (line 16) | fn deref(&self) -> &Self::Target {
method deref_mut (line 22) | fn deref_mut(&mut self) -> &mut Self::Target {
constant SZ_64K (line 30) | const SZ_64K: u64 = 0x0001_0000;
constant KVM_VGIC_V3_DIST_SIZE (line 31) | const KVM_VGIC_V3_DIST_SIZE: u64 = GICv3::SZ_64K;
constant KVM_VGIC_V3_REDIST_SIZE (line 32) | const KVM_VGIC_V3_REDIST_SIZE: u64 = (2 * GICv3::SZ_64K);
constant GIC_V3_ITS_SIZE (line 33) | const GIC_V3_ITS_SIZE: u64 = 0x2_0000;
constant ARCH_GIC_V3_MAINT_IRQ (line 36) | const ARCH_GIC_V3_MAINT_IRQ: u32 = 9;
method get_dist_addr (line 39) | fn get_dist_addr() -> u64 {
method get_dist_size (line 44) | fn get_dist_size() -> u64 {
method get_redists_addr (line 49) | fn get_redists_addr(vcpu_count: u64) -> u64 {
method get_redists_size (line 54) | fn get_redists_size(vcpu_count: u64) -> u64 {
method get_msi_address (line 59) | fn get_msi_address(vcpu_count: u64) -> u64 {
method get_msi_size (line 64) | const fn get_msi_size() -> u64 {
constant VERSION (line 68) | pub const VERSION: u32 = kvm_bindings::kvm_device_type_KVM_DEV_TYPE_AR...
method fdt_compatibility (line 70) | pub fn fdt_compatibility(&self) -> &str {
method fdt_maint_irq (line 74) | pub fn fdt_maint_irq(&self) -> u32 {
method create_device (line 79) | pub fn create_device(vm: &VmFd, vcpu_count: u64) -> Result<Self, GicEr...
method save_device (line 105) | pub fn save_device(&self, mpidrs: &[u64]) -> Result<GicState, GicError> {
method restore_device (line 109) | pub fn restore_device(&self, mpidrs: &[u64], state: &GicState) -> Resu...
method init_device_attributes (line 113) | pub fn init_device_attributes(gic_device: &Self) -> Result<(), GicErro...
method init_its (line 137) | fn init_its(vm: &VmFd, gic_device: &mut Self) -> Result<(), GicError> {
method create (line 171) | pub fn create(vm: &VmFd, vcpu_count: u64) -> Result<Self, GicError> {
method finalize_device (line 183) | pub fn finalize_device(gic_device: &Self) -> Result<(), GicError> {
method set_device_attribute (line 213) | pub fn set_device_attribute(
function save_pending_tables (line 237) | fn save_pending_tables(gic_device: &DeviceFd) -> Result<(), GicError> {
function test_save_pending_tables (line 258) | fn test_save_pending_tables() {
FILE: src/vmm/src/arch/aarch64/gic/gicv3/regs/dist_regs.rs
constant GICD_CTLR (line 17) | const GICD_CTLR: DistReg = DistReg::simple(0x0, 4);
constant GICD_STATUSR (line 18) | const GICD_STATUSR: DistReg = DistReg::simple(0x0010, 4);
constant GICD_IGROUPR (line 19) | const GICD_IGROUPR: DistReg = DistReg::shared_irq(0x0080, 1);
constant GICD_ISENABLER (line 20) | const GICD_ISENABLER: DistReg = DistReg::shared_irq(0x0100, 1);
constant GICD_ICENABLER (line 21) | const GICD_ICENABLER: DistReg = DistReg::shared_irq(0x0180, 1);
constant GICD_ISPENDR (line 22) | const GICD_ISPENDR: DistReg = DistReg::shared_irq(0x0200, 1);
constant GICD_ICPENDR (line 23) | const GICD_ICPENDR: DistReg = DistReg::shared_irq(0x0280, 1);
constant GICD_ISACTIVER (line 24) | const GICD_ISACTIVER: DistReg = DistReg::shared_irq(0x0300, 1);
constant GICD_ICACTIVER (line 25) | const GICD_ICACTIVER: DistReg = DistReg::shared_irq(0x0380, 1);
constant GICD_IPRIORITYR (line 26) | const GICD_IPRIORITYR: DistReg = DistReg::shared_irq(0x0400, 8);
constant GICD_ICFGR (line 27) | const GICD_ICFGR: DistReg = DistReg::shared_irq(0x0C00, 2);
constant GICD_IROUTER (line 28) | const GICD_IROUTER: DistReg = DistReg::shared_irq(0x6000, 64);
type SharedIrqReg (line 54) | pub struct SharedIrqReg {
method range (line 62) | fn range(&self) -> Range<u64> {
type DistReg (line 79) | enum DistReg {
method simple (line 85) | const fn simple(offset: u64, size: u16) -> DistReg {
method shared_irq (line 89) | const fn shared_irq(offset: u64, bits_per_irq: u8) -> DistReg {
method range (line 98) | fn range(&self) -> Range<u64> {
type DistRegEngine (line 106) | struct DistRegEngine {}
type Reg (line 109) | type Reg = DistReg;
type RegChunk (line 110) | type RegChunk = u32;
method group (line 112) | fn group() -> u32 {
method mpidr_mask (line 116) | fn mpidr_mask() -> u64 {
function get_dist_regs (line 121) | pub(crate) fn get_dist_regs(fd: &DeviceFd) -> Result<Vec<GicRegState<u32...
function set_dist_regs (line 125) | pub(crate) fn set_dist_regs(fd: &DeviceFd, state: &[GicRegState<u32>]) -...
function test_access_dist_regs (line 140) | fn test_access_dist_regs() {
function test_dist_constructors (line 168) | fn test_dist_constructors() {
FILE: src/vmm/src/arch/aarch64/gic/gicv3/regs/icc_regs.rs
constant ICC_CTLR_EL1_PRIBITS_SHIFT (line 10) | const ICC_CTLR_EL1_PRIBITS_SHIFT: u64 = 8;
constant ICC_CTLR_EL1_PRIBITS_MASK (line 11) | const ICC_CTLR_EL1_PRIBITS_MASK: u64 = 7 << ICC_CTLR_EL1_PRIBITS_SHIFT;
constant SYS_ICC_SRE_EL1 (line 14) | const SYS_ICC_SRE_EL1: SimpleReg = SimpleReg::vgic_sys_reg(3, 0, 12, 12,...
constant SYS_ICC_CTLR_EL1 (line 15) | const SYS_ICC_CTLR_EL1: SimpleReg = SimpleReg::vgic_sys_reg(3, 0, 12, 12...
constant SYS_ICC_IGRPEN0_EL1 (line 16) | const SYS_ICC_IGRPEN0_EL1: SimpleReg = SimpleReg::vgic_sys_reg(3, 0, 12,...
constant SYS_ICC_IGRPEN1_EL1 (line 17) | const SYS_ICC_IGRPEN1_EL1: SimpleReg = SimpleReg::vgic_sys_reg(3, 0, 12,...
constant SYS_ICC_PMR_EL1 (line 18) | const SYS_ICC_PMR_EL1: SimpleReg = SimpleReg::vgic_sys_reg(3, 0, 4, 6, 0);
constant SYS_ICC_BPR0_EL1 (line 19) | const SYS_ICC_BPR0_EL1: SimpleReg = SimpleReg::vgic_sys_reg(3, 0, 12, 8,...
constant SYS_ICC_BPR1_EL1 (line 20) | const SYS_ICC_BPR1_EL1: SimpleReg = SimpleReg::vgic_sys_reg(3, 0, 12, 12...
constant SYS_ICC_AP0R0_EL1 (line 22) | const SYS_ICC_AP0R0_EL1: SimpleReg = SimpleReg::sys_icc_ap0rn_el1(0);
constant SYS_ICC_AP0R1_EL1 (line 23) | const SYS_ICC_AP0R1_EL1: SimpleReg = SimpleReg::sys_icc_ap0rn_el1(1);
constant SYS_ICC_AP0R2_EL1 (line 24) | const SYS_ICC_AP0R2_EL1: SimpleReg = SimpleReg::sys_icc_ap0rn_el1(2);
constant SYS_ICC_AP0R3_EL1 (line 25) | const SYS_ICC_AP0R3_EL1: SimpleReg = SimpleReg::sys_icc_ap0rn_el1(3);
constant SYS_ICC_AP1R0_EL1 (line 27) | const SYS_ICC_AP1R0_EL1: SimpleReg = SimpleReg::sys_icc_ap1rn_el1(0);
constant SYS_ICC_AP1R1_EL1 (line 28) | const SYS_ICC_AP1R1_EL1: SimpleReg = SimpleReg::sys_icc_ap1rn_el1(1);
constant SYS_ICC_AP1R2_EL1 (line 29) | const SYS_ICC_AP1R2_EL1: SimpleReg = SimpleReg::sys_icc_ap1rn_el1(2);
constant SYS_ICC_AP1R3_EL1 (line 30) | const SYS_ICC_AP1R3_EL1: SimpleReg = SimpleReg::sys_icc_ap1rn_el1(3);
method vgic_sys_reg (line 54) | const fn vgic_sys_reg(op0: u64, op1: u64, crn: u64, crm: u64, op2: u64) ...
method sys_icc_ap0rn_el1 (line 65) | const fn sys_icc_ap0rn_el1(n: u64) -> SimpleReg {
method sys_icc_ap1rn_el1 (line 69) | const fn sys_icc_ap1rn_el1(n: u64) -> SimpleReg {
type VgicSysRegEngine (line 74) | struct VgicSysRegEngine {}
type Reg (line 77) | type Reg = SimpleReg;
type RegChunk (line 78) | type RegChunk = u64;
method group (line 80) | fn group() -> u32 {
method mpidr_mask (line 85) | fn mpidr_mask() -> u64 {
function num_priority_bits (line 90) | fn num_priority_bits(fd: &DeviceFd, mpidr: u64) -> Result<u64, GicError> {
function is_ap_reg_available (line 96) | fn is_ap_reg_available(reg: &SimpleReg, num_priority_bits: u64) -> bool {
function get_icc_regs (line 119) | pub(crate) fn get_icc_regs(fd: &DeviceFd, mpidr: u64) -> Result<VgicSysR...
function set_icc_regs (line 139) | pub(crate) fn set_icc_regs(
function test_access_icc_regs (line 176) | fn test_access_icc_regs() {
function test_icc_constructors (line 215) | fn test_icc_constructors() {
FILE: src/vmm/src/arch/aarch64/gic/gicv3/regs/its_regs.rs
constant GITS_CTLR (line 14) | const GITS_CTLR: u32 = 0x0000;
constant GITS_IIDR (line 15) | const GITS_IIDR: u32 = 0x0004;
constant GITS_CBASER (line 16) | const GITS_CBASER: u32 = 0x0080;
constant GITS_CWRITER (line 17) | const GITS_CWRITER: u32 = 0x0088;
constant GITS_CREADR (line 18) | const GITS_CREADR: u32 = 0x0090;
constant GITS_BASER (line 19) | const GITS_BASER: u32 = 0x0100;
function set_device_attribute (line 21) | fn set_device_attribute(
function get_device_attribute (line 39) | fn get_device_attribute(its_device: &DeviceFd, group: u32, attr: u32) ->...
function its_read_register (line 56) | fn its_read_register(its_fd: &DeviceFd, attr: u32) -> Result<u64, GicErr...
function its_set_register (line 60) | fn its_set_register(its_fd: &DeviceFd, attr: u32, val: u64) -> Result<()...
function its_save_tables (line 64) | pub fn its_save_tables(its_fd: &DeviceFd) -> Result<(), GicError> {
function its_restore_tables (line 73) | pub fn its_restore_tables(its_fd: &DeviceFd) -> Result<(), GicError> {
type ItsRegisterState (line 84) | pub struct ItsRegisterState {
method save (line 95) | pub fn save(its_fd: &DeviceFd) -> Result<Self, GicError> {
method restore (line 123) | pub fn restore(&self, its_fd: &DeviceFd) -> Result<(), GicError> {
FILE: src/vmm/src/arch/aarch64/gic/gicv3/regs/mod.rs
function save_state (line 16) | pub fn save_state(
function restore_state (line 44) | pub fn restore_state(
function test_vm_save_restore_state (line 77) | fn test_vm_save_restore_state() {
FILE: src/vmm/src/arch/aarch64/gic/gicv3/regs/redist_regs.rs
constant GICR_CTLR (line 11) | const GICR_CTLR: SimpleReg = SimpleReg::new(0x0000, 4);
constant GICR_STATUSR (line 12) | const GICR_STATUSR: SimpleReg = SimpleReg::new(0x0010, 4);
constant GICR_WAKER (line 13) | const GICR_WAKER: SimpleReg = SimpleReg::new(0x0014, 4);
constant GICR_PROPBASER (line 14) | const GICR_PROPBASER: SimpleReg = SimpleReg::new(0x0070, 8);
constant GICR_PENDBASER (line 15) | const GICR_PENDBASER: SimpleReg = SimpleReg::new(0x0078, 8);
constant GICR_SGI_OFFSET (line 18) | const GICR_SGI_OFFSET: u64 = 0x0001_0000;
constant GICR_IGROUPR0 (line 19) | const GICR_IGROUPR0: SimpleReg = SimpleReg::new(GICR_SGI_OFFSET + 0x0080...
constant GICR_ISENABLER0 (line 20) | const GICR_ISENABLER0: SimpleReg = SimpleReg::new(GICR_SGI_OFFSET + 0x01...
constant GICR_ICENABLER0 (line 21) | const GICR_ICENABLER0: SimpleReg = SimpleReg::new(GICR_SGI_OFFSET + 0x01...
constant GICR_ISPENDR0 (line 22) | const GICR_ISPENDR0: SimpleReg = SimpleReg::new(GICR_SGI_OFFSET + 0x0200...
constant GICR_ICPENDR0 (line 23) | const GICR_ICPENDR0: SimpleReg = SimpleReg::new(GICR_SGI_OFFSET + 0x0280...
constant GICR_ISACTIVER0 (line 24) | const GICR_ISACTIVER0: SimpleReg = SimpleReg::new(GICR_SGI_OFFSET + 0x03...
constant GICR_ICACTIVER0 (line 25) | const GICR_ICACTIVER0: SimpleReg = SimpleReg::new(GICR_SGI_OFFSET + 0x03...
constant GICR_IPRIORITYR0 (line 26) | const GICR_IPRIORITYR0: SimpleReg = SimpleReg::new(GICR_SGI_OFFSET + 0x0...
constant GICR_ICFGR0 (line 27) | const GICR_ICFGR0: SimpleReg = SimpleReg::new(GICR_SGI_OFFSET + 0x0C00, 8);
type RedistRegEngine (line 51) | struct RedistRegEngine {}
type Reg (line 54) | type Reg = SimpleReg;
type RegChunk (line 55) | type RegChunk = u32;
method group (line 57) | fn group() -> u32 {
method mpidr_mask (line 62) | fn mpidr_mask() -> u64 {
function redist_regs (line 67) | fn redist_regs() -> Box<dyn Iterator<Item = &'static SimpleReg>> {
function get_redist_regs (line 71) | pub(crate) fn get_redist_regs(
function set_redist_regs (line 78) | pub(crate) fn set_redist_regs(
function test_access_redist_regs (line 97) | fn test_access_redist_regs() {
FILE: src/vmm/src/arch/aarch64/gic/mod.rs
type GIC (line 17) | pub struct GIC {
method device_fd (line 35) | pub fn device_fd(&self) -> &DeviceFd {
method device_properties (line 40) | pub fn device_properties(&self) -> &[u64] {
method vcpu_count (line 45) | pub fn vcpu_count(&self) -> u64 {
type GicError (line 52) | pub enum GicError {
type GICVersion (line 67) | pub enum GICVersion {
type GICDevice (line 76) | pub enum GICDevice {
method device_fd (line 84) | pub fn device_fd(&self) -> &DeviceFd {
method its_fd (line 92) | pub fn its_fd(&self) -> Option<&DeviceFd> {
method device_properties (line 100) | pub fn device_properties(&self) -> &[u64] {
method msi_properties (line 108) | pub fn msi_properties(&self) -> Option<&[u64; 2]> {
method vcpu_count (line 116) | pub fn vcpu_count(&self) -> u64 {
method fdt_compatibility (line 124) | pub fn fdt_compatibility(&self) -> &str {
method fdt_maint_irq (line 132) | pub fn fdt_maint_irq(&self) -> u32 {
method version (line 140) | pub fn version(&self) -> u32 {
method init_device_attributes (line 148) | pub fn init_device_attributes(gic_device: &Self) -> Result<(), GicErro...
method save_device (line 156) | pub fn save_device(&self, mpidrs: &[u64]) -> Result<GicState, GicError> {
method restore_device (line 164) | pub fn restore_device(&self, mpidrs: &[u64], state: &GicState) -> Resu...
function create_gic (line 177) | pub fn create_gic(
function test_create_gic (line 199) | fn test_create_gic() {
FILE: src/vmm/src/arch/aarch64/gic/regs.rs
type GicRegState (line 16) | pub struct GicRegState<T> {
type VgicSysRegsState (line 22) | pub struct VgicSysRegsState {
type GicState (line 29) | pub struct GicState {
type GicVcpuState (line 40) | pub struct GicVcpuState {
type MmioReg (line 45) | pub(crate) trait MmioReg {
method range (line 46) | fn range(&self) -> Range<u64>;
method iter (line 48) | fn iter<T>(&self) -> StepBy<Range<u64>>
method range (line 166) | fn range(&self) -> Range<u64> {
type VgicRegEngine (line 56) | pub(crate) trait VgicRegEngine {
method group (line 60) | fn group() -> u32;
method mpidr_mask (line 62) | fn mpidr_mask() -> u64 {
method kvm_device_attr (line 66) | fn kvm_device_attr(offset: u64, val: &mut Self::RegChunk, mpidr: u64) ...
method get_reg_data (line 76) | fn get_reg_data(
method get_regs_data (line 99) | fn get_regs_data(
method set_reg_data (line 116) | fn set_reg_data(
method set_regs_data (line 133) | fn set_regs_data(
type SimpleReg (line 152) | pub(crate) struct SimpleReg {
method new (line 160) | pub const fn new(offset: u64, size: u16) -> SimpleReg {
FILE: src/vmm/src/arch/aarch64/kvm.rs
type KvmArchError (line 11) | pub type KvmArchError = Infallible;
type OptionalCapabilities (line 15) | pub struct OptionalCapabilities {
type Kvm (line 22) | pub struct Kvm {
constant DEFAULT_CAPABILITIES (line 30) | pub(crate) const DEFAULT_CAPABILITIES: [u32; 7] = [
method init_arch (line 41) | pub fn init_arch(
method optional_capabilities (line 52) | pub fn optional_capabilities(&self) -> OptionalCapabilities {
FILE: src/vmm/src/arch/aarch64/layout.rs
constant DRAM_MEM_START (line 55) | pub const DRAM_MEM_START: u64 = 0x8000_0000;
constant DRAM_MEM_MAX_SIZE (line 57) | pub const DRAM_MEM_MAX_SIZE: usize = 0x00FF_8000_0000;
constant SYSTEM_MEM_START (line 60) | pub const SYSTEM_MEM_START: u64 = DRAM_MEM_START;
constant SYSTEM_MEM_SIZE (line 65) | pub const SYSTEM_MEM_SIZE: u64 = 0x20_0000;
constant CMDLINE_MAX_SIZE (line 69) | pub const CMDLINE_MAX_SIZE: usize = 2048;
constant FDT_MAX_SIZE (line 72) | pub const FDT_MAX_SIZE: usize = 0x20_0000;
constant SPI_START (line 83) | pub const SPI_START: u32 = 32;
constant SPI_END (line 85) | pub const SPI_END: u32 = 127;
constant GSI_LEGACY_START (line 87) | pub const GSI_LEGACY_START: u32 = 0;
constant GSI_LEGACY_NUM (line 89) | pub const GSI_LEGACY_NUM: u32 = SPI_END - SPI_START + 1;
constant GSI_LEGACY_END (line 91) | pub const GSI_LEGACY_END: u32 = GSI_LEGACY_START + GSI_LEGACY_NUM - 1;
constant GSI_MSI_START (line 93) | pub const GSI_MSI_START: u32 = GSI_LEGACY_END + 1;
constant GSI_MSI_END (line 95) | pub const GSI_MSI_END: u32 = 4095;
constant GSI_MSI_NUM (line 97) | pub const GSI_MSI_NUM: u32 = GSI_MSI_END - GSI_MSI_START + 1;
constant MMIO32_MEM_START (line 101) | pub const MMIO32_MEM_START: u64 = 1 << 30;
constant MMIO32_MEM_SIZE (line 103) | pub const MMIO32_MEM_SIZE: u64 = DRAM_MEM_START - MMIO32_MEM_START;
constant PCI_MMCONFIG_SIZE (line 108) | pub const PCI_MMCONFIG_SIZE: u64 = 256 << 20;
constant PCI_MMCONFIG_START (line 110) | pub const PCI_MMCONFIG_START: u64 = DRAM_MEM_START - PCI_MMCONFIG_SIZE;
constant PCI_MMIO_CONFIG_SIZE_PER_SEGMENT (line 112) | pub const PCI_MMIO_CONFIG_SIZE_PER_SEGMENT: u64 = 4096 * 256;
constant BOOT_DEVICE_MEM_START (line 118) | pub const BOOT_DEVICE_MEM_START: u64 = MMIO32_MEM_START;
constant RTC_MEM_START (line 120) | pub const RTC_MEM_START: u64 = BOOT_DEVICE_MEM_START + MMIO_LEN;
constant SERIAL_MEM_START (line 122) | pub const SERIAL_MEM_START: u64 = RTC_MEM_START + MMIO_LEN;
constant MEM_32BIT_DEVICES_START (line 125) | pub const MEM_32BIT_DEVICES_START: u64 = SERIAL_MEM_START + MMIO_LEN;
constant MEM_32BIT_DEVICES_SIZE (line 127) | pub const MEM_32BIT_DEVICES_SIZE: u64 = PCI_MMCONFIG_START - MEM_32BIT_D...
constant MMIO64_MEM_START (line 131) | pub const MMIO64_MEM_START: u64 = 256 << 30;
constant MMIO64_MEM_SIZE (line 133) | pub const MMIO64_MEM_SIZE: u64 = 256 << 30;
constant MEM_64BIT_DEVICES_START (line 137) | pub const MEM_64BIT_DEVICES_START: u64 = MMIO64_MEM_START;
constant MEM_64BIT_DEVICES_SIZE (line 139) | pub const MEM_64BIT_DEVICES_SIZE: u64 = MMIO64_MEM_SIZE;
constant FIRST_ADDR_PAST_64BITS_MMIO (line 141) | pub const FIRST_ADDR_PAST_64BITS_MMIO: u64 = MMIO64_MEM_START + MMIO64_M...
constant PAST_64BITS_MMIO_SIZE (line 143) | pub const PAST_64BITS_MMIO_SIZE: u64 = 512 << 30;
FILE: src/vmm/src/arch/aarch64/mod.rs
type ConfigurationError (line 41) | pub enum ConfigurationError {
function arch_memory_regions (line 58) | pub fn arch_memory_regions(size: usize) -> Vec<(GuestAddress, usize)> {
function configure_system_for_boot (line 88) | pub fn configure_system_for_boot(
function get_kernel_start (line 146) | pub fn get_kernel_start() -> u64 {
function initrd_load_addr (line 151) | pub fn initrd_load_addr(guest_mem: &GuestMemoryMmap, initrd_size: usize)...
function get_fdt_addr (line 163) | fn get_fdt_addr(mem: &GuestMemoryMmap) -> u64 {
function load_kernel (line 182) | pub fn load_kernel(
function verify_arch_memory_regions (line 214) | fn verify_arch_memory_regions() {
function test_regions_lt_1024gb (line 281) | fn test_regions_lt_1024gb() {
function test_regions_gt_1024gb (line 289) | fn test_regions_gt_1024gb() {
function test_get_fdt_addr (line 302) | fn test_get_fdt_addr() {
FILE: src/vmm/src/arch/aarch64/regs.rs
constant PSR_MODE_EL1h (line 17) | const PSR_MODE_EL1h: u64 = 0x0000_0005;
constant PSR_F_BIT (line 18) | const PSR_F_BIT: u64 = 0x0000_0040;
constant PSR_I_BIT (line 19) | const PSR_I_BIT: u64 = 0x0000_0080;
constant PSR_A_BIT (line 20) | const PSR_A_BIT: u64 = 0x0000_0100;
constant PSR_D_BIT (line 21) | const PSR_D_BIT: u64 = 0x0000_0200;
constant PSTATE_FAULT_BITS_64 (line 23) | pub const PSTATE_FAULT_BITS_64: u64 = PSR_MODE_EL1h | PSR_A_BIT | PSR_F_...
constant KVM_REG_ARM64_SVE_VLS (line 122) | pub const KVM_REG_ARM64_SVE_VLS: u64 =
constant PC (line 133) | pub const PC: u64 = {
type RegSize (line 141) | pub enum RegSize {
constant U8_SIZE (line 164) | pub const U8_SIZE: usize = 1;
constant U16_SIZE (line 166) | pub const U16_SIZE: usize = 2;
constant U32_SIZE (line 168) | pub const U32_SIZE: usize = 4;
constant U64_SIZE (line 170) | pub const U64_SIZE: usize = 8;
constant U128_SIZE (line 172) | pub const U128_SIZE: usize = 16;
constant U256_SIZE (line 174) | pub const U256_SIZE: usize = 32;
constant U512_SIZE (line 176) | pub const U512_SIZE: usize = 64;
constant U1024_SIZE (line 178) | pub const U1024_SIZE: usize = 128;
constant U2048_SIZE (line 180) | pub const U2048_SIZE: usize = 256;
method from (line 184) | fn from(value: usize) -> Self {
function from (line 201) | fn from(value: RegSize) -> Self {
function reg_size (line 217) | pub fn reg_size(reg_id: u64) -> usize {
type Aarch64RegisterVec (line 223) | pub struct Aarch64RegisterVec {
method len (line 230) | pub fn len(&self) -> usize {
method is_empty (line 235) | pub fn is_empty(&self) -> bool {
method push (line 240) | pub fn push(&mut self, reg: Aarch64RegisterRef<'_>) {
method iter (line 246) | pub fn iter(&self) -> impl Iterator<Item = Aarch64RegisterRef<'_>> {
method iter_mut (line 256) | pub fn iter_mut(&mut self) -> impl Iterator<Item = Aarch64RegisterRefM...
method manifacturer_id (line 267) | pub fn manifacturer_id(&self) -> Option<u32> {
method deserialize (line 284) | fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
method serialize (line 275) | fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
type Aarch64RegisterVecIterator (line 315) | pub struct Aarch64RegisterVecIterator<'a> {
type Item (line 323) | type Item = Aarch64RegisterRef<'a>;
method next (line 325) | fn next(&mut self) -> Option<Self::Item> {
type Aarch64RegisterVecIteratorMut (line 344) | pub struct Aarch64RegisterVecIteratorMut<'a> {
type Item (line 352) | type Item = Aarch64RegisterRefMut<'a>;
method next (line 354) | fn next(&mut self) -> Option<Self::Item> {
type Aarch64RegisterRef (line 374) | pub struct Aarch64RegisterRef<'a> {
function new (line 385) | pub fn new(id: u64, data: &'a [u8]) -> Self {
function size (line 396) | pub fn size(&self) -> RegSize {
function value (line 404) | pub fn value<T: Aarch64RegisterData<N>, const N: usize>(&self) -> T {
function value_str (line 409) | pub fn value_str(&self) -> String {
function as_slice (line 418) | pub fn as_slice(&self) -> &[u8] {
type Aarch64RegisterRefMut (line 425) | pub struct Aarch64RegisterRefMut<'a> {
function new (line 436) | pub fn new(id: u64, data: &'a mut [u8]) -> Self {
function size (line 447) | pub fn size(&self) -> RegSize {
function value (line 455) | pub fn value<T: Aarch64RegisterData<N>, const N: usize>(&self) -> T {
function set_value (line 463) | pub fn set_value<T: Aarch64RegisterData<N>, const N: usize>(&mut self, v...
type Aarch64RegisterData (line 470) | pub trait Aarch64RegisterData<const N: usize> {
method from_slice (line 472) | fn from_slice(slice: &[u8]) -> Self;
method to_bytes (line 474) | fn to_bytes(&self) -> [u8; N];
function test_reg_size (line 528) | fn test_reg_size() {
function test_aarch64_register_vec_serde (line 535) | fn test_aarch64_register_vec_serde() {
function test_aarch64_register_vec_serde_invalid_regs_size_sum (line 555) | fn test_aarch64_register_vec_serde_invalid_regs_size_sum() {
function test_aarch64_register_vec_serde_invalid_reg_size (line 578) | fn test_aarch64_register_vec_serde_invalid_reg_size() {
function test_aarch64_register_vec (line 598) | fn test_aarch64_register_vec() {
function test_reg_ref (line 693) | fn test_reg_ref() {
function test_reg_ref_value_str (line 702) | fn test_reg_ref_value_str() {
function test_reg_ref_new_must_panic (line 732) | fn test_reg_ref_new_must_panic() {
function test_reg_ref_value_must_panic (line 741) | fn test_reg_ref_value_must_panic() {
function test_reg_ref_mut (line 748) | fn test_reg_ref_mut() {
function test_reg_ref_mut_new_must_panic (line 763) | fn test_reg_ref_mut_new_must_panic() {
function test_reg_ref_mut_must_panic (line 772) | fn test_reg_ref_mut_must_panic() {
FILE: src/vmm/src/arch/aarch64/vcpu.rs
type VcpuArchError (line 33) | pub enum VcpuArchError {
function get_manufacturer_id_from_host (line 52) | pub fn get_manufacturer_id_from_host() -> Option<u32> {
function get_registers (line 66) | pub fn get_registers(
type KvmVcpuError (line 84) | pub enum KvmVcpuError {
type KvmVcpuConfigureError (line 106) | pub type KvmVcpuConfigureError = KvmVcpuError;
type KvmVcpu (line 110) | pub struct KvmVcpu {
method new (line 136) | pub fn new(index: u8, vm: &Vm) -> Result<Self, KvmVcpuError> {
method get_mpidr (line 158) | pub fn get_mpidr(&self) -> Result<u64, VcpuArchError> {
method configure (line 175) | pub fn configure(
method init (line 207) | pub fn init(&mut self, vcpu_features: &[VcpuFeatures]) -> Result<(), K...
method default_kvi (line 220) | pub fn default_kvi(vm_fd: &VmFd) -> Result<kvm_vcpu_init, KvmVcpuError> {
method save_state (line 233) | pub fn save_state(&self) -> Result<VcpuState, KvmVcpuError> {
method restore_state (line 255) | pub fn restore_state(&mut self, state: &VcpuState) -> Result<(), KvmVc...
method dump_cpu_config (line 295) | pub fn dump_cpu_config(&self) -> Result<CpuConfiguration, KvmVcpuError> {
method init_vcpu (line 303) | fn init_vcpu(&self) -> Result<(), KvmVcpuError> {
method finalize_vcpu (line 320) | fn finalize_vcpu(&self) -> Result<(), KvmVcpuError> {
method setup_boot_regs (line 338) | pub fn setup_boot_regs(
method get_all_registers (line 402) | pub fn get_all_registers(&self, state: &mut Aarch64RegisterVec) -> Res...
method get_all_registers_ids (line 407) | pub fn get_all_registers_ids(&self) -> Result<Vec<u64>, VcpuArchError> {
method set_register (line 440) | pub fn set_register(&self, reg: Aarch64RegisterRef) -> Result<(), Vcpu...
method get_mpstate (line 452) | pub fn get_mpstate(&self) -> Result<kvm_mp_state, VcpuArchError> {
method set_mpstate (line 461) | pub fn set_mpstate(&self, state: kvm_mp_state) -> Result<(), VcpuArchE...
method supports_pvtime (line 466) | pub fn supports_pvtime(&self) -> bool {
method enable_pvtime (line 479) | pub fn enable_pvtime(&mut self, ipa: GuestAddress) -> Result<(), VcpuA...
type Peripherals (line 124) | pub struct Peripherals {
method run_arch_emulation (line 502) | pub fn run_arch_emulation(&self, exit: VcpuExit) -> Result<VcpuEmulati...
type VcpuState (line 513) | pub struct VcpuState {
method fmt (line 529) | fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
function setup_vcpu (line 570) | fn setup_vcpu(mem_size: usize) -> (Kvm, Vm, KvmVcpu) {
function setup_vcpu_no_init (line 577) | fn setup_vcpu_no_init(mem_size: usize) -> (Kvm, Vm, KvmVcpu) {
function test_create_vcpu (line 585) | fn test_create_vcpu() {
function test_configure_vcpu (line 604) | fn test_configure_vcpu() {
function test_init_vcpu (line 653) | fn test_init_vcpu() {
function test_pmu_v3_feature_invalid (line 672) | fn test_pmu_v3_feature_invalid() {
function test_vcpu_save_restore_state (line 692) | fn test_vcpu_save_restore_state() {
function test_dump_cpu_config_before_init (line 732) | fn test_dump_cpu_config_before_init() {
function test_dump_cpu_config_after_init (line 745) | fn test_dump_cpu_config_after_init() {
function test_setup_non_boot_vcpu (line 756) | fn test_setup_non_boot_vcpu() {
function test_get_valid_regs (line 765) | fn test_get_valid_regs() {
function test_get_invalid_regs (line 775) | fn test_get_invalid_regs() {
function test_setup_regs (line 783) | fn test_setup_regs() {
function test_read_mpidr (line 820) | fn test_read_mpidr() {
function test_get_set_regs (line 835) | fn test_get_set_regs() {
function test_mpstate (line 851) | fn test_mpstate() {
FILE: src/vmm/src/arch/aarch64/vm.rs
type ArchVm (line 16) | pub struct ArchVm {
method new (line 36) | pub fn new(kvm: &Kvm) -> Result<ArchVm, VmError> {
method arch_pre_create_vcpus (line 45) | pub fn arch_pre_create_vcpus(&mut self, _: u8) -> Result<(), ArchVmErr...
method arch_post_create_vcpus (line 50) | pub fn arch_post_create_vcpus(&mut self, nr_vcpus: u8) -> Result<(), A...
method setup_irqchip (line 59) | pub fn setup_irqchip(&mut self, vcpu_count: u8) -> Result<(), ArchVmEr...
method get_irqchip (line 68) | pub fn get_irqchip(&self) -> &crate::arch::aarch64::gic::GICDevice {
method save_state (line 73) | pub fn save_state(&self, mpidrs: &[u64]) -> Result<VmState, ArchVmErro...
method restore_state (line 89) | pub fn restore_state(&mut self, mpidrs: &[u64], state: &VmState) -> Re...
type ArchVmError (line 25) | pub enum ArchVmError {
type VmState (line 101) | pub struct VmState {
FILE: src/vmm/src/arch/mod.rs
type DeviceType (line 46) | pub enum DeviceType {
method fmt (line 78) | fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
constant GUEST_PAGE_SIZE (line 60) | pub const GUEST_PAGE_SIZE: usize = 4096;
function host_page_size (line 63) | pub fn host_page_size() -> usize {
type BootProtocol (line 85) | pub enum BootProtocol {
method fmt (line 94) | fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result {
type EntryPoint (line 107) | pub struct EntryPoint {
function arch_memory_regions_with_gap (line 116) | fn arch_memory_regions_with_gap(
FILE: src/vmm/src/arch/x86_64/cpu_model.rs
type CpuModel (line 9) | pub struct CpuModel {
method get_cpu_model (line 60) | pub fn get_cpu_model() -> Self {
method from (line 69) | fn from(eax: &u32) -> Self {
constant SKYLAKE_FMS (line 23) | pub const SKYLAKE_FMS: CpuModel = CpuModel {
constant CASCADE_LAKE_FMS (line 32) | pub const CASCADE_LAKE_FMS: CpuModel = CpuModel {
constant ICE_LAKE_FMS (line 41) | pub const ICE_LAKE_FMS: CpuModel = CpuModel {
constant MILAN_FMS (line 50) | pub const MILAN_FMS: CpuModel = CpuModel {
function cpu_model_from (line 85) | fn cpu_model_from() {
FILE: src/vmm/src/arch/x86_64/gdt.rs
function gdt_entry (line 15) | pub fn gdt_entry(flags: u16, base: u32, limit: u32) -> u64 {
function get_base (line 23) | fn get_base(entry: u64) -> u64 {
function get_limit (line 51) | fn get_limit(entry: u64) -> u32 {
function get_g (line 63) | fn get_g(entry: u64) -> u8 {
function get_db (line 67) | fn get_db(entry: u64) -> u8 {
function get_l (line 71) | fn get_l(entry: u64) -> u8 {
function get_avl (line 75) | fn get_avl(entry: u64) -> u8 {
function get_p (line 79) | fn get_p(entry: u64) -> u8 {
function get_dpl (line 83) | fn get_dpl(entry: u64) -> u8 {
function get_s (line 87) | fn get_s(entry: u64) -> u8 {
function get_type (line 91) | fn get_type(entry: u64) -> u8 {
function kvm_segment_from_gdt (line 101) | pub fn kvm_segment_from_gdt(entry: u64, table_index: u8) -> kvm_segment {
function field_parse (line 127) | fn field_parse() {
FILE: src/vmm/src/arch/x86_64/generated/arch_prctl.rs
constant ARCH_SET_GS (line 19) | pub const ARCH_SET_GS: u32 = 4097;
constant ARCH_SET_FS (line 20) | pub const ARCH_SET_FS: u32 = 4098;
constant ARCH_GET_FS (line 21) | pub const ARCH_GET_FS: u32 = 4099;
constant ARCH_GET_GS (line 22) | pub const ARCH_GET_GS: u32 = 4100;
constant ARCH_GET_CPUID (line 23) | pub const ARCH_GET_CPUID: u32 = 4113;
constant ARCH_SET_CPUID (line 24) | pub const ARCH_SET_CPUID: u32 = 4114;
constant ARCH_GET_XCOMP_SUPP (line 25) | pub const ARCH_GET_XCOMP_SUPP: u32 = 4129;
constant ARCH_GET_XCOMP_PERM (line 26) | pub const ARCH_GET_XCOMP_PERM: u32 = 4130;
constant ARCH_REQ_XCOMP_PERM (line 27) | pub const ARCH_REQ_XCOMP_PERM: u32 = 4131;
constant ARCH_GET_XCOMP_GUEST_PERM (line 28) | pub const ARCH_GET_XCOMP_GUEST_PERM: u32 = 4132;
constant ARCH_REQ_XCOMP_GUEST_PERM (line 29) | pub const ARCH_REQ_XCOMP_GUEST_PERM: u32 = 4133;
constant ARCH_XCOMP_TILECFG (line 30) | pub const ARCH_XCOMP_TILECFG: u32 = 17;
constant ARCH_XCOMP_TILEDATA (line 31) | pub const ARCH_XCOMP_TILEDATA: u32 = 18;
constant ARCH_MAP_VDSO_X32 (line 32) | pub const ARCH_MAP_VDSO_X32: u32 = 8193;
constant ARCH_MAP_VDSO_32 (line 33) | pub const ARCH_MAP_VDSO_32: u32 = 8194;
constant ARCH_MAP_VDSO_64 (line 34) | pub const ARCH_MAP_VDSO_64: u32 = 8195;
constant ARCH_GET_UNTAG_MASK (line 35) | pub const ARCH_GET_UNTAG_MASK: u32 = 16385;
constant ARCH_ENABLE_TAGGED_ADDR (line 36) | pub const ARCH_ENABLE_TAGGED_ADDR: u32 = 16386;
constant ARCH_GET_MAX_TAG_BITS (line 37) | pub const ARCH_GET_MAX_TAG_BITS: u32 = 16387;
constant ARCH_FORCE_TAGGED_SVA (line 38) | pub const ARCH_FORCE_TAGGED_SVA: u32 = 16388;
constant ARCH_SHSTK_ENABLE (line 39) | pub const ARCH_SHSTK_ENABLE: u32 = 20481;
constant ARCH_SHSTK_DISABLE (line 40) | pub const ARCH_SHSTK_DISABLE: u32 = 20482;
constant ARCH_SHSTK_LOCK (line 41) | pub const ARCH_SHSTK_LOCK: u32 = 20483;
constant ARCH_SHSTK_UNLOCK (line 42) | pub const ARCH_SHSTK_UNLOCK: u32 = 20484;
constant ARCH_SHSTK_STATUS (line 43) | pub const ARCH_SHSTK_STATUS: u32 = 20485;
constant ARCH_SHSTK_SHSTK (line 44) | pub const ARCH_SHSTK_SHSTK: u32 = 1;
constant ARCH_SHSTK_WRSS (line 45) | pub const ARCH_SHSTK_WRSS: u32 = 2;
FILE: src/vmm/src/arch/x86_64/generated/hyperv.rs
constant HV_X64_MSR_SYNDBG_CONTROL (line 19) | pub const HV_X64_MSR_SYNDBG_CONTROL: u32 = 0x400000f1;
constant HV_X64_MSR_SYNDBG_STATUS (line 20) | pub const HV_X64_MSR_SYNDBG_STATUS: u32 = 0x400000f2;
constant HV_X64_MSR_SYNDBG_SEND_BUFFER (line 21) | pub const HV_X64_MSR_SYNDBG_SEND_BUFFER: u32 = 0x400000f3;
constant HV_X64_MSR_SYNDBG_RECV_BUFFER (line 22) | pub const HV_X64_MSR_SYNDBG_RECV_BUFFER: u32 = 0x400000f4;
constant HV_X64_MSR_SYNDBG_PENDING_BUFFER (line 23) | pub const HV_X64_MSR_SYNDBG_PENDING_BUFFER: u32 = 0x400000f5;
constant HV_X64_MSR_SYNDBG_OPTIONS (line 24) | pub const HV_X64_MSR_SYNDBG_OPTIONS: u32 = 0x400000ff;
FILE: src/vmm/src/arch/x86_64/generated/hyperv_tlfs.rs
constant HV_X64_MSR_GUEST_OS_ID (line 19) | pub const HV_X64_MSR_GUEST_OS_ID: u32 = 0x40000000;
constant HV_X64_MSR_HYPERCALL (line 20) | pub const HV_X64_MSR_HYPERCALL: u32 = 0x40000001;
constant HV_X64_MSR_VP_INDEX (line 21) | pub const HV_X64_MSR_VP_INDEX: u32 = 0x40000002;
constant HV_X64_MSR_RESET (line 22) | pub const HV_X64_MSR_RESET: u32 = 0x40000003;
constant HV_X64_MSR_VP_RUNTIME (line 23) | pub const HV_X64_MSR_VP_RUNTIME: u32 = 0x40000010;
constant HV_X64_MSR_TIME_REF_COUNT (line 24) | pub const HV_X64_MSR_TIME_REF_COUNT: u32 = 0x40000020;
constant HV_X64_MSR_REFERENCE_TSC (line 25) | pub const HV_X64_MSR_REFERENCE_TSC: u32 = 0x40000021;
constant HV_X64_MSR_TSC_FREQUENCY (line 26) | pub const HV_X64_MSR_TSC_FREQUENCY: u32 = 0x40000022;
constant HV_X64_MSR_APIC_FREQUENCY (line 27) | pub const HV_X64_MSR_APIC_FREQUENCY: u32 = 0x40000023;
constant HV_X64_MSR_EOI (line 28) | pub const HV_X64_MSR_EOI: u32 = 0x40000070;
constant HV_X64_MSR_ICR (line 29) | pub const HV_X64_MSR_ICR: u32 = 0x40000071;
constant HV_X64_MSR_TPR (line 30) | pub const HV_X64_MSR_TPR: u32 = 0x40000072;
constant HV_X64_MSR_VP_ASSIST_PAGE (line 31) | pub const HV_X64_MSR_VP_ASSIST_PAGE: u32 = 0x40000073;
constant HV_X64_MSR_SCONTROL (line 32) | pub const HV_X64_MSR_SCONTROL: u32 = 0x40000080;
constant HV_X64_MSR_SVERSION (line 33) | pub const HV_X64_MSR_SVERSION: u32 = 0x40000081;
constant HV_X64_MSR_SIEFP (line 34) | pub const HV_X64_MSR_SIEFP: u32 = 0x40000082;
constant HV_X64_MSR_SIMP (line 35) | pub const HV_X64_MSR_SIMP: u32 = 0x40000083;
constant HV_X64_MSR_EOM (line 36) | pub const HV_X64_MSR_EOM: u32 = 0x40000084;
constant HV_X64_MSR_SINT0 (line 37) | pub const HV_X64_MSR_SINT0: u32 = 0x40000090;
constant HV_X64_MSR_SINT1 (line 38) | pub const HV_X64_MSR_SINT1: u32 = 0x40000091;
constant HV_X64_MSR_SINT2 (line 39) | pub const HV_X64_MSR_SINT2: u32 = 0x40000092;
constant HV_X64_MSR_SINT3 (line 40) | pub const HV_X64_MSR_SINT3: u32 = 0x40000093;
constant HV_X64_MSR_SINT4 (line 41) | pub const HV_X64_MSR_SINT4: u32 = 0x40000094;
constant HV_X64_MSR_SINT5 (line 42) | pub const HV_X64_MSR_SINT5: u32 = 0x40000095;
constant HV_X64_MSR_SINT6 (line 43) | pub const HV_X64_MSR_SINT6: u32 = 0x40000096;
constant HV_X64_MSR_SINT7 (line 44) | pub const HV_X64_MSR_SINT7: u32 = 0x40000097;
constant HV_X64_MSR_SINT8 (line 45) | pub const HV_X64_MSR_SINT8: u32 = 0x40000098;
constant HV_X64_MSR_SINT9 (line 46) | pub const HV_X64_MSR_SINT9: u32 = 0x40000099;
constant HV_X64_MSR_SINT10 (line 47) | pub const HV_X64_MSR_SINT10: u32 = 0x4000009a;
constant HV_X64_MSR_SINT11 (line 48) | pub const HV_X64_MSR_SINT11: u32 = 0x4000009b;
constant HV_X64_MSR_SINT12 (line 49) | pub const HV_X64_MSR_SINT12: u32 = 0x4000009c;
constant HV_X64_MSR_SINT13 (line 50) | pub const HV_X64_MSR_SINT13: u32 = 0x4000009d;
constant HV_X64_MSR_SINT14 (line 51) | pub const HV_X64_MSR_SINT14: u32 = 0x4000009e;
constant HV_X64_MSR_SINT15 (line 52) | pub const HV_X64_MSR_SINT15: u32 = 0x4000009f;
constant HV_X64_MSR_NESTED_SCONTROL (line 53) | pub const HV_X64_MSR_NESTED_SCONTROL: u32 = 0x40001080;
constant HV_X64_MSR_NESTED_SVERSION (line 54) | pub const HV_X64_MSR_NESTED_SVERSION: u32 = 0x40001081;
constant HV_X64_MSR_NESTED_SIEFP (line 55) | pub const HV_X64_MSR_NESTED_SIEFP: u32 = 0x40001082;
constant HV_X64_MSR_NESTED_SIMP (line 56) | pub const HV_X64_MSR_NESTED_SIMP: u32 = 0x40001083;
constant HV_X64_MSR_NESTED_EOM (line 57) | pub const HV_X64_MSR_NESTED_EOM: u32 = 0x40001084;
constant HV_X64_MSR_NESTED_SINT0 (line 58) | pub const HV_X64_MSR_NESTED_SINT0: u32 = 0x40001090;
constant HV_X64_MSR_STIMER0_CONFIG (line 59) | pub const HV_X64_MSR_STIMER0_CONFIG: u32 = 0x400000b0;
constant HV_X64_MSR_STIMER0_COUNT (line 60) | pub const HV_X64_MSR_STIMER0_COUNT: u32 = 0x400000b1;
constant HV_X64_MSR_STIMER1_CONFIG (line 61) | pub const HV_X64_MSR_STIMER1_CONFIG: u32 = 0x400000b2;
constant HV_X64_MSR_STIMER1_COUNT (line 62) | pub const HV_X64_MSR_STIMER1_COUNT: u32 = 0x400000b3;
constant HV_X64_MSR_STIMER2_CONFIG (line 63) | pub const HV_X64_MSR_STIMER2_CONFIG: u32 = 0x400000b4;
constant HV_X64_MSR_STIMER2_COUNT (line 64) | pub const HV_X64_MSR_STIMER2_COUNT: u32 = 0x400000b5;
constant HV_X64_MSR_STIMER3_CONFIG (line 65) | pub const HV_X64_MSR_STIMER3_CONFIG: u32 = 0x400000b6;
constant HV_X64_MSR_STIMER3_COUNT (line 66) | pub const HV_X64_MSR_STIMER3_COUNT: u32 = 0x400000b7;
constant HV_X64_MSR_GUEST_IDLE (line 67) | pub const HV_X64_MSR_GUEST_IDLE: u32 = 0x400000f0;
constant HV_X64_MSR_CRASH_P0 (line 68) | pub const HV_X64_MSR_CRASH_P0: u32 = 0x40000100;
constant HV_X64_MSR_CRASH_P1 (line 69) | pub const HV_X64_MSR_CRASH_P1: u32 = 0x40000101;
constant HV_X64_MSR_CRASH_P2 (line 70) | pub const HV_X64_MSR_CRASH_P2: u32 = 0x40000102;
constant HV_X64_MSR_CRASH_P3 (line 71) | pub const HV_X64_MSR_CRASH_P3: u32 = 0x40000103;
constant HV_X64_MSR_CRASH_P4 (line 72) | pub const HV_X64_MSR_CRASH_P4: u32 = 0x40000104;
constant HV_X64_MSR_CRASH_CTL (line 73) | pub const HV_X64_MSR_CRASH_CTL: u32 = 0x40000105;
constant HV_X64_MSR_REENLIGHTENMENT_CONTROL (line 74) | pub const HV_X64_MSR_REENLIGHTENMENT_CONTROL: u32 = 0x40000106;
constant HV_X64_MSR_TSC_EMULATION_CONTROL (line 75) | pub const HV_X64_MSR_TSC_EMULATION_CONTROL: u32 = 0x40000107;
constant HV_X64_MSR_TSC_EMULATION_STATUS (line 76) | pub const HV_X64_MSR_TSC_EMULATION_STATUS: u32 = 0x40000108;
constant HV_X64_MSR_TSC_INVARIANT_CONTROL (line 77) | pub const HV_X64_MSR_TSC_INVARIANT_CONTROL: u32 = 0x40000118;
constant HV_X64_MSR_HYPERCALL_ENABLE (line 78) | pub const HV_X64_MSR_HYPERCALL_ENABLE: u32 = 0x1;
constant HV_X64_MSR_HYPERCALL_PAGE_ADDRESS_SHIFT (line 79) | pub const HV_X64_MSR_HYPERCALL_PAGE_ADDRESS_SHIFT: u32 = 0xc;
constant HV_X64_MSR_HYPERCALL_PAGE_ADDRESS_MASK (line 80) | pub const HV_X64_MSR_HYPERCALL_PAGE_ADDRESS_MASK: i32 = -4096;
constant HV_X64_MSR_CRASH_PARAMS (line 81) | pub const HV_X64_MSR_CRASH_PARAMS: u32 = 0x5;
constant HV_X64_MSR_VP_ASSIST_PAGE_ENABLE (line 82) | pub const HV_X64_MSR_VP_ASSIST_PAGE_ENABLE: u32 = 0x1;
constant HV_X64_MSR_VP_ASSIST_PAGE_ADDRESS_SHIFT (line 83) | pub const HV_X64_MSR_VP_ASSIST_PAGE_ADDRESS_SHIFT: u32 = 0xc;
constant HV_X64_MSR_VP_ASSIST_PAGE_ADDRESS_MASK (line 84) | pub const HV_X64_MSR_VP_ASSIST_PAGE_ADDRESS_MASK: i32 = -4096;
constant HV_X64_MSR_TSC_REFERENCE_ENABLE (line 85) | pub const HV_X64_MSR_TSC_REFERENCE_ENABLE: u32 = 0x1;
constant HV_X64_MSR_TSC_REFERENCE_ADDRESS_SHIFT (line 86) | pub const HV_X64_MSR_TSC_REFERENCE_ADDRESS_SHIFT: u32 = 0xc;
FILE: src/vmm/src/arch/x86_64/generated/mpspec.rs
constant MPC_SIGNATURE (line 19) | pub const MPC_SIGNATURE: &[u8; 5] = b"PCMP\0";
constant MP_PROCESSOR (line 20) | pub const MP_PROCESSOR: u32 = 0;
constant MP_BUS (line 21) | pub const MP_BUS: u32 = 1;
constant MP_IOAPIC (line 22) | pub const MP_IOAPIC: u32 = 2;
constant MP_INTSRC (line 23) | pub const MP_INTSRC: u32 = 3;
constant MP_LINTSRC (line 24) | pub const MP_LINTSRC: u32 = 4;
constant MP_TRANSLATION (line 25) | pub const MP_TRANSLATION: u32 = 192;
constant CPU_ENABLED (line 26) | pub const CPU_ENABLED: u32 = 1;
constant CPU_BOOTPROCESSOR (line 27) | pub const CPU_BOOTPROCESSOR: u32 = 2;
constant CPU_STEPPING_MASK (line 28) | pub const CPU_STEPPING_MASK: u32 = 15;
constant CPU_MODEL_MASK (line 29) | pub const CPU_MODEL_MASK: u32 = 240;
constant CPU_FAMILY_MASK (line 30) | pub const CPU_FAMILY_MASK: u32 = 3840;
constant BUSTYPE_EISA (line 31) | pub const BUSTYPE_EISA: &[u8; 5] = b"EISA\0";
constant BUSTYPE_ISA (line 32) | pub const BUSTYPE_ISA: &[u8; 4] = b"ISA\0";
constant BUSTYPE_INTERN (line 33) | pub const BUSTYPE_INTERN: &[u8; 7] = b"INTERN\0";
constant BUSTYPE_MCA (line 34) | pub const BUSTYPE_MCA: &[u8; 4] = b"MCA\0";
constant BUSTYPE_VL (line 35) | pub const BUSTYPE_VL: &[u8; 3] = b"VL\0";
constant BUSTYPE_PCI (line 36) | pub const BUSTYPE_PCI: &[u8; 4] = b"PCI\0";
constant BUSTYPE_PCMCIA (line 37) | pub const BUSTYPE_PCMCIA: &[u8; 7] = b"PCMCIA\0";
constant BUSTYPE_CBUS (line 38) | pub const BUSTYPE_CBUS: &[u8; 5] = b"CBUS\0";
constant BUSTYPE_CBUSII (line 39) | pub const BUSTYPE_CBUSII: &[u8; 7] = b"CBUSII\0";
constant BUSTYPE_FUTURE (line 40) | pub const BUSTYPE_FUTURE: &[u8; 7] = b"FUTURE\0";
constant BUSTYPE_MBI (line 41) | pub const BUSTYPE_MBI: &[u8; 4] = b"MBI\0";
constant BUSTYPE_MBII (line 42) | pub const BUSTYPE_MBII: &[u8; 5] = b"MBII\0";
constant BUSTYPE_MPI (line 43) | pub const BUSTYPE_MPI: &[u8; 4] = b"MPI\0";
constant BUSTYPE_MPSA (line 44) | pub const BUSTYPE_MPSA: &[u8; 5] = b"MPSA\0";
constant BUSTYPE_NUBUS (line 45) | pub const BUSTYPE_NUBUS: &[u8; 6] = b"NUBUS\0";
constant BUSTYPE_TC (line 46) | pub const BUSTYPE_TC: &[u8; 3] = b"TC\0";
constant BUSTYPE_VME (line 47) | pub const BUSTYPE_VME: &[u8; 4] = b"VME\0";
constant BUSTYPE_XPRESS (line 48) | pub const BUSTYPE_XPRESS: &[u8; 7] = b"XPRESS\0";
constant MPC_APIC_USABLE (line 49) | pub const MPC_APIC_USABLE: u32 = 1;
constant MP_IRQPOL_DEFAULT (line 50) | pub const MP_IRQPOL_DEFAULT: u32 = 0;
constant MP_IRQPOL_ACTIVE_HIGH (line 51) | pub const MP_IRQPOL_ACTIVE_HIGH: u32 = 1;
constant MP_IRQPOL_RESERVED (line 52) | pub const MP_IRQPOL_RESERVED: u32 = 2;
constant MP_IRQPOL_ACTIVE_LOW (line 53) | pub const MP_IRQPOL_ACTIVE_LOW: u32 = 3;
constant MP_IRQPOL_MASK (line 54) | pub const MP_IRQPOL_MASK: u32 = 3;
constant MP_IRQTRIG_DEFAULT (line 55) | pub const MP_IRQTRIG_DEFAULT: u32 = 0;
constant MP_IRQTRIG_EDGE (line 56) | pub const MP_IRQTRIG_EDGE: u32 = 4;
constant MP_IRQTRIG_RESERVED (line 57) | pub const MP_IRQTRIG_RESERVED: u32 = 8;
constant MP_IRQTRIG_LEVEL (line 58) | pub const MP_IRQTRIG_LEVEL: u32 = 12;
constant MP_IRQTRIG_MASK (line 59) | pub const MP_IRQTRIG_MASK: u32 = 12;
constant MP_APIC_ALL (line 60) | pub const MP_APIC_ALL: u32 = 255;
constant MPC_OEM_SIGNATURE (line 61) | pub const MPC_OEM_SIGNATURE: &[u8; 5] = b"_OEM\0";
type mpf_intel (line 64) | pub struct mpf_intel {
constant _ (line 77) | const _: () = {
type mpc_table (line 95) | pub struct mpc_table {
constant _ (line 109) | const _: () = {
type mpc_cpu (line 128) | pub struct mpc_cpu {
constant _ (line 138) | const _: () = {
type mpc_bus (line 152) | pub struct mpc_bus {
constant _ (line 158) | const _: () = {
type mpc_ioapic (line 167) | pub struct mpc_ioapic {
constant _ (line 175) | const _: () = {
type mpc_intsrc (line 187) | pub struct mpc_intsrc {
constant _ (line 197) | const _: () = {
type Type (line 210) | pub type Type = ::std::os::raw::c_uint;
constant mp_INT (line 211) | pub const mp_INT: Type = 0;
constant mp_NMI (line 212) | pub const mp_NMI: Type = 1;
constant mp_SMI (line 213) | pub const mp_SMI: Type = 2;
constant mp_ExtINT (line 214) | pub const mp_ExtINT: Type = 3;
type mpc_lintsrc (line 218) | pub struct mpc_lintsrc {
constant _ (line 228) | const _: () = {
type mpc_oemtable (line 247) | pub struct mpc_oemtable {
constant _ (line 255) | const _: () = {
type Type (line 268) | pub type Type = ::std::os::raw::c_uint;
constant MP_BUS_ISA (line 269) | pub const MP_BUS_ISA: Type = 1;
constant MP_BUS_EISA (line 270) | pub const MP_BUS_EISA: Type = 2;
constant MP_BUS_PCI (line 271) | pub const MP_BUS_PCI: Type = 3;
FILE: src/vmm/src/arch/x86_64/generated/msr_index.rs
constant MSR_EFER (line 19) | pub const MSR_EFER: u32 = 0xc0000080;
constant MSR_STAR (line 20) | pub const MSR_STAR: u32 = 0xc0000081;
constant MSR_LSTAR (line 21) | pub const MSR_LSTAR: u32 = 0xc0000082;
constant MSR_CSTAR (line 22) | pub const MSR_CSTAR: u32 = 0xc0000083;
constant MSR_SYSCALL_MASK (line 23) | pub const MSR_SYSCALL_MASK: u32 = 0xc0000084;
constant MSR_FS_BASE (line 24) | pub const MSR_FS_BASE: u32 = 0xc0000100;
constant MSR_GS_BASE (line 25) | pub const MSR_GS_BASE: u32 = 0xc0000101;
constant MSR_KERNEL_GS_BASE (line 26) | pub const MSR_KERNEL_GS_BASE: u32 = 0xc0000102;
constant MSR_TSC_AUX (line 27) | pub const MSR_TSC_AUX: u32 = 0xc0000103;
constant MSR_IA32_FRED_RSP0 (line 28) | pub const MSR_IA32_FRED_RSP0: u32 = 0x1cc;
constant MSR_IA32_FRED_RSP1 (line 29) | pub const MSR_IA32_FRED_RSP1: u32 = 0x1cd;
constant MSR_IA32_FRED_RSP2 (line 30) | pub const MSR_IA32_FRED_RSP2: u32 = 0x1ce;
constant MSR_IA32_FRED_RSP3 (line 31) | pub const MSR_IA32_FRED_RSP3: u32 = 0x1cf;
constant MSR_IA32_FRED_STKLVLS (line 32) | pub const MSR_IA32_FRED_STKLVLS: u32 = 0x1d0;
constant MSR_IA32_FRED_SSP1 (line 33) | pub const MSR_IA32_FRED_SSP1: u32 = 0x1d1;
constant MSR_IA32_FRED_SSP2 (line 34) | pub const MSR_IA32_FRED_SSP2: u32 = 0x1d2;
constant MSR_IA32_FRED_SSP3 (line 35) | pub const MSR_IA32_FRED_SSP3: u32 = 0x1d3;
constant MSR_IA32_FRED_CONFIG (line 36) | pub const MSR_IA32_FRED_CONFIG: u32 = 0x1d4;
constant MSR_TEST_CTRL (line 37) | pub const MSR_TEST_CTRL: u32 = 0x33;
constant MSR_TEST_CTRL_SPLIT_LOCK_DETECT_BIT (line 38) | pub const MSR_TEST_CTRL_SPLIT_LOCK_DETECT_BIT: u32 = 0x1d;
constant MSR_IA32_SPEC_CTRL (line 39) | pub const MSR_IA32_SPEC_CTRL: u32 = 0x48;
constant MSR_IA32_PRED_CMD (line 40) | pub const MSR_IA32_PRED_CMD: u32 = 0x49;
constant MSR_PPIN_CTL (line 41) | pub const MSR_PPIN_CTL: u32 = 0x4e;
constant MSR_PPIN (line 42) | pub const MSR_PPIN: u32 = 0x4f;
constant MSR_IA32_PERFCTR0 (line 43) | pub const MSR_IA32_PERFCTR0: u32 = 0xc1;
constant MSR_IA32_PERFCTR1 (line 44) | pub const MSR_IA32_PERFCTR1: u32 = 0xc2;
constant MSR_FSB_FREQ (line 45) | pub const MSR_FSB_FREQ: u32 = 0xcd;
constant MSR_PLATFORM_INFO (line 46) | pub const MSR_PLATFORM_INFO: u32 = 0xce;
constant MSR_PLATFORM_INFO_CPUID_FAULT_BIT (line 47) | pub const MSR_PLATFORM_INFO_CPUID_FAULT_BIT: u32 = 0x1f;
constant MSR_IA32_UMWAIT_CONTROL (line 48) | pub const MSR_IA32_UMWAIT_CONTROL: u32 = 0xe1;
constant MSR_IA32_UMWAIT_CONTROL_TIME_MASK (line 49) | pub const MSR_IA32_UMWAIT_CONTROL_TIME_MASK: i32 = -4;
constant MSR_IA32_CORE_CAPS (line 50) | pub const MSR_IA32_CORE_CAPS: u32 = 0xcf;
constant MSR_IA32_CORE_CAPS_INTEGRITY_CAPS_BIT (line 51) | pub const MSR_IA32_CORE_CAPS_INTEGRITY_CAPS_BIT: u32 = 0x2;
constant MSR_IA32_CORE_CAPS_SPLIT_LOCK_DETECT_BIT (line 52) | pub const MSR_IA32_CORE_CAPS_SPLIT_LOCK_DETECT_BIT: u32 = 0x5;
constant MSR_PKG_CST_CONFIG_CONTROL (line 53) | pub const MSR_PKG_CST_CONFIG_CONTROL: u32 = 0xe2;
constant MSR_MTRRcap (line 54) | pub const MSR_MTRRcap: u32 = 0xfe;
constant MSR_IA32_ARCH_CAPABILITIES (line 55) | pub const MSR_IA32_ARCH_CAPABILITIES: u32 = 0x10a;
constant MSR_IA32_FLUSH_CMD (line 56) | pub const MSR_IA32_FLUSH_CMD: u32 = 0x10b;
constant MSR_IA32_BBL_CR_CTL (line 57) | pub const MSR_IA32_BBL_CR_CTL: u32 = 0x119;
constant MSR_IA32_BBL_CR_CTL3 (line 58) | pub const MSR_IA32_BBL_CR_CTL3: u32 = 0x11e;
constant MSR_IA32_TSX_CTRL (line 59) | pub const MSR_IA32_TSX_CTRL: u32 = 0x122;
constant MSR_IA32_MCU_OPT_CTRL (line 60) | pub const MSR_IA32_MCU_OPT_CTRL: u32 = 0x123;
constant MSR_IA32_SYSENTER_CS (line 61) | pub const MSR_IA32_SYSENTER_CS: u32 = 0x174;
constant MSR_IA32_SYSENTER_ESP (line 62) | pub const MSR_IA32_SYSENTER_ESP: u32 = 0x175;
constant MSR_IA32_SYSENTER_EIP (line 63) | pub const MSR_IA32_SYSENTER_EIP: u32 = 0x176;
constant MSR_IA32_MCG_CAP (line 64) | pub const MSR_IA32_MCG_CAP: u32 = 0x179;
constant MSR_IA32_MCG_STATUS (line 65) | pub const MSR_IA32_MCG_STATUS: u32 = 0x17a;
constant MSR_IA32_MCG_CTL (line 66) | pub const MSR_IA32_MCG_CTL: u32 = 0x17b;
constant MSR_ERROR_CONTROL (line 67) | pub const MSR_ERROR_CONTROL: u32 = 0x17f;
constant MSR_IA32_MCG_EXT_CTL (line 68) | pub const MSR_IA32_MCG_EXT_CTL: u32 = 0x4d0;
constant MSR_OFFCORE_RSP_0 (line 69) | pub const MSR_OFFCORE_RSP_0: u32 = 0x1a6;
constant MSR_OFFCORE_RSP_1 (line 70) | pub const MSR_OFFCORE_RSP_1: u32 = 0x1a7;
constant MSR_TURBO_RATIO_LIMIT (line 71) | pub const MSR_TURBO_RATIO_LIMIT: u32 = 0x1ad;
constant MSR_TURBO_RATIO_LIMIT1 (line 72) | pub const MSR_TURBO_RATIO_LIMIT1: u32 = 0x1ae;
constant MSR_TURBO_RATIO_LIMIT2 (line 73) | pub const MSR_TURBO_RATIO_LIMIT2: u32 = 0x1af;
constant MSR_SNOOP_RSP_0 (line 74) | pub const MSR_SNOOP_RSP_0: u32 = 0x1328;
constant MSR_SNOOP_RSP_1 (line 75) | pub const MSR_SNOOP_RSP_1: u32 = 0x1329;
constant MSR_LBR_SELECT (line 76) | pub const MSR_LBR_SELECT: u32 = 0x1c8;
constant MSR_LBR_TOS (line 77) | pub const MSR_LBR_TOS: u32 = 0x1c9;
constant MSR_IA32_POWER_CTL (line 78) | pub const MSR_IA32_POWER_CTL: u32 = 0x1fc;
constant MSR_IA32_POWER_CTL_BIT_EE (line 79) | pub const MSR_IA32_POWER_CTL_BIT_EE: u32 = 0x13;
constant MSR_INTEGRITY_CAPS (line 80) | pub const MSR_INTEGRITY_CAPS: u32 = 0x2d9;
constant MSR_INTEGRITY_CAPS_ARRAY_BIST_BIT (line 81) | pub const MSR_INTEGRITY_CAPS_ARRAY_BIST_BIT: u32 = 0x2;
constant MSR_INTEGRITY_CAPS_PERIODIC_BIST_BIT (line 82) | pub const MSR_INTEGRITY_CAPS_PERIODIC_BIST_BIT: u32 = 0x4;
constant MSR_INTEGRITY_CAPS_SBAF_BIT (line 83) | pub const MSR_INTEGRITY_CAPS_SBAF_BIT: u32 = 0x8;
constant MSR_LBR_NHM_FROM (line 84) | pub const MSR_LBR_NHM_FROM: u32 = 0x680;
constant MSR_LBR_NHM_TO (line 85) | pub const MSR_LBR_NHM_TO: u32 = 0x6c0;
constant MSR_LBR_CORE_FROM (line 86) | pub const MSR_LBR_CORE_FROM: u32 = 0x40;
constant MSR_LBR_CORE_TO (line 87) | pub const MSR_LBR_CORE_TO: u32 = 0x60;
constant MSR_LBR_INFO_0 (line 88) | pub const MSR_LBR_INFO_0: u32 = 0xdc0;
constant MSR_ARCH_LBR_CTL (line 89) | pub const MSR_ARCH_LBR_CTL: u32 = 0x14ce;
constant MSR_ARCH_LBR_DEPTH (line 90) | pub const MSR_ARCH_LBR_DEPTH: u32 = 0x14cf;
constant MSR_ARCH_LBR_FROM_0 (line 91) | pub const MSR_ARCH_LBR_FROM_0: u32 = 0x1500;
constant MSR_ARCH_LBR_TO_0 (line 92) | pub const MSR_ARCH_LBR_TO_0: u32 = 0x1600;
constant MSR_ARCH_LBR_INFO_0 (line 93) | pub const MSR_ARCH_LBR_INFO_0: u32 = 0x1200;
constant MSR_IA32_PEBS_ENABLE (line 94) | pub const MSR_IA32_PEBS_ENABLE: u32 = 0x3f1;
constant MSR_PEBS_DATA_CFG (line 95) | pub const MSR_PEBS_DATA_CFG: u32 = 0x3f2;
constant MSR_IA32_DS_AREA (line 96) | pub const MSR_IA32_DS_AREA: u32 = 0x600;
constant MSR_IA32_PERF_CAPABILITIES (line 97) | pub const MSR_IA32_PERF_CAPABILITIES: u32 = 0x345;
constant MSR_PEBS_LD_LAT_THRESHOLD (line 98) | pub const MSR_PEBS_LD_LAT_THRESHOLD: u32 = 0x3f6;
constant MSR_IA32_RTIT_CTL (line 99) | pub const MSR_IA32_RTIT_CTL: u32 = 0x570;
constant MSR_IA32_RTIT_STATUS (line 100) | pub const MSR_IA32_RTIT_STATUS: u32 = 0x571;
constant MSR_IA32_RTIT_ADDR0_A (line 101) | pub const MSR_IA32_RTIT_ADDR0_A: u32 = 0x580;
constant MSR_IA32_RTIT_ADDR0_B (line 102) | pub const MSR_IA32_RTIT_ADDR0_B: u32 = 0x581;
constant MSR_IA32_RTIT_ADDR1_A (line 103) | pub const MSR_IA32_RTIT_ADDR1_A: u32 = 0x582;
constant MSR_IA32_RTIT_ADDR1_B (line 104) | pub const MSR_IA32_RTIT_ADDR1_B: u32 = 0x583;
constant MSR_IA32_RTIT_ADDR2_A (line 105) | pub const MSR_IA32_RTIT_ADDR2_A: u32 = 0x584;
constant MSR_IA32_RTIT_ADDR2_B (line 106) | pub const MSR_IA32_RTIT_ADDR2_B: u32 = 0x585;
constant MSR_IA32_RTIT_ADDR3_A (line 107) | pub const MSR_IA32_RTIT_ADDR3_A: u32 = 0x586;
constant MSR_IA32_RTIT_ADDR3_B (line 108) | pub const MSR_IA32_RTIT_ADDR3_B: u32 = 0x587;
constant MSR_IA32_RTIT_CR3_MATCH (line 109) | pub const MSR_IA32_RTIT_CR3_MATCH: u32 = 0x572;
constant MSR_IA32_RTIT_OUTPUT_BASE (line 110) | pub const MSR_IA32_RTIT_OUTPUT_BASE: u32 = 0x560;
constant MSR_IA32_RTIT_OUTPUT_MASK (line 111) | pub const MSR_IA32_RTIT_OUTPUT_MASK: u32 = 0x561;
constant MSR_MTRRfix64K_00000 (line 112) | pub const MSR_MTRRfix64K_00000: u32 = 0x250;
constant MSR_MTRRfix16K_80000 (line 113) | pub const MSR_MTRRfix16K_80000: u32 = 0x258;
constant MSR_MTRRfix16K_A0000 (line 114) | pub const MSR_MTRRfix16K_A0000: u32 = 0x259;
constant MSR_MTRRfix4K_C0000 (line 115) | pub const MSR_MTRRfix4K_C0000: u32 = 0x268;
constant MSR_MTRRfix4K_C8000 (line 116) | pub const MSR_MTRRfix4K_C8000: u32 = 0x269;
constant MSR_MTRRfix4K_D0000 (line 117) | pub const MSR_MTRRfix4K_D0000: u32 = 0x26a;
constant MSR_MTRRfix4K_D8000 (line 118) | pub const MSR_MTRRfix4K_D8000: u32 = 0x26b;
constant MSR_MTRRfix4K_E0000 (line 119) | pub const MSR_MTRRfix4K_E0000: u32 = 0x26c;
constant MSR_MTRRfix4K_E8000 (line 120) | pub const MSR_MTRRfix4K_E8000: u32 = 0x26d;
constant MSR_MTRRfix4K_F0000 (line 121) | pub const MSR_MTRRfix4K_F0000: u32 = 0x26e;
constant MSR_MTRRfix4K_F8000 (line 122) | pub const MSR_MTRRfix4K_F8000: u32 = 0x26f;
constant MSR_MTRRdefType (line 123) | pub const MSR_MTRRdefType: u32 = 0x2ff;
constant MSR_IA32_CR_PAT (line 124) | pub const MSR_IA32_CR_PAT: u32 = 0x277;
constant MSR_IA32_DEBUGCTLMSR (line 125) | pub const MSR_IA32_DEBUGCTLMSR: u32 = 0x1d9;
constant MSR_IA32_LASTBRANCHFROMIP (line 126) | pub const MSR_IA32_LASTBRANCHFROMIP: u32 = 0x1db;
constant MSR_IA32_LASTBRANCHTOIP (line 127) | pub const MSR_IA32_LASTBRANCHTOIP: u32 = 0x1dc;
constant MSR_IA32_LASTINTFROMIP (line 128) | pub const MSR_IA32_LASTINTFROMIP: u32 = 0x1dd;
constant MSR_IA32_LASTINTTOIP (line 129) | pub const MSR_IA32_LASTINTTOIP: u32 = 0x1de;
constant MSR_IA32_PASID (line 130) | pub const MSR_IA32_PASID: u32 = 0xd93;
constant MSR_PEBS_FRONTEND (line 131) | pub const MSR_PEBS_FRONTEND: u32 = 0x3f7;
constant MSR_IA32_MC0_CTL (line 132) | pub const MSR_IA32_MC0_CTL: u32 = 0x400;
constant MSR_IA32_MC0_STATUS (line 133) | pub const MSR_IA32_MC0_STATUS: u32 = 0x401;
constant MSR_IA32_MC0_ADDR (line 134) | pub const MSR_IA32_MC0_ADDR: u32 = 0x402;
constant MSR_IA32_MC0_MISC (line 135) | pub const MSR_IA32_MC0_MISC: u32 = 0x403;
constant MSR_PKG_C3_RESIDENCY (line 136) | pub const MSR_PKG_C3_RESIDENCY: u32 = 0x3f8;
constant MSR_PKG_C6_RESIDENCY (line 137) | pub const MSR_PKG_C6_RESIDENCY: u32 = 0x3f9;
constant MSR_ATOM_PKG_C6_RESIDENCY (line 138) | pub const MSR_ATOM_PKG_C6_RESIDENCY: u32 = 0x3fa;
constant MSR_PKG_C7_RESIDENCY (line 139) | pub const MSR_PKG_C7_RESIDENCY: u32 = 0x3fa;
constant MSR_CORE_C3_RESIDENCY (line 140) | pub const MSR_CORE_C3_RESIDENCY: u32 = 0x3fc;
constant MSR_CORE_C6_RESIDENCY (line 141) | pub const MSR_CORE_C6_RESIDENCY: u32 = 0x3fd;
constant MSR_CORE_C7_RESIDENCY (line 142) | pub const MSR_CORE_C7_RESIDENCY: u32 = 0x3fe;
constant MSR_KNL_CORE_C6_RESIDENCY (line 143) | pub const MSR_KNL_CORE_C6_RESIDENCY: u32 = 0x3ff;
constant MSR_PKG_C2_RESIDENCY (line 144) | pub const MSR_PKG_C2_RESIDENCY: u32 = 0x60d;
constant MSR_PKG_C8_RESIDENCY (line 145) | pub const MSR_PKG_C8_RESIDENCY: u32 = 0x630;
constant MSR_PKG_C9_RESIDENCY (line 146) | pub const MSR_PKG_C9_RESIDENCY: u32 = 0x631;
constant MSR_PKG_C10_RESIDENCY (line 147) | pub const MSR_PKG_C10_RESIDENCY: u32 = 0x632;
constant MSR_PKGC3_IRTL (line 148) | pub const MSR_PKGC3_IRTL: u32 = 0x60a;
constant MSR_PKGC6_IRTL (line 149) | pub const MSR_PKGC6_IRTL: u32 = 0x60b;
constant MSR_PKGC7_IRTL (line 150) | pub const MSR_PKGC7_IRTL: u32 = 0x60c;
constant MSR_PKGC8_IRTL (line 151) | pub const MSR_PKGC8_IRTL: u32 = 0x633;
constant MSR_PKGC9_IRTL (line 152) | pub const MSR_PKGC9_IRTL: u32 = 0x634;
constant MSR_PKGC10_IRTL (line 153) | pub const MSR_PKGC10_IRTL: u32 = 0x635;
constant MSR_VR_CURRENT_CONFIG (line 154) | pub const MSR_VR_CURRENT_CONFIG: u32 = 0x601;
constant MSR_RAPL_POWER_UNIT (line 155) | pub const MSR_RAPL_POWER_UNIT: u32 = 0x606;
constant MSR_PKG_POWER_LIMIT (line 156) | pub const MSR_PKG_POWER_LIMIT: u32 = 0x610;
constant MSR_PKG_ENERGY_STATUS (line 157) | pub const MSR_PKG_ENERGY_STATUS: u32 = 0x611;
constant MSR_PKG_PERF_STATUS (line 158) | pub const MSR_PKG_PERF_STATUS: u32 = 0x613;
constant MSR_PKG_POWER_INFO (line 159) | pub const MSR_PKG_POWER_INFO: u32 = 0x614;
constant MSR_DRAM_POWER_LIMIT (line 160) | pub const MSR_DRAM_POWER_LIMIT: u32 = 0x618;
constant MSR_DRAM_ENERGY_STATUS (line 161) | pub const MSR_DRAM_ENERGY_STATUS: u32 = 0x619;
constant MSR_DRAM_PERF_STATUS (line 162) | pub const MSR_DRAM_PERF_STATUS: u32 = 0x61b;
constant MSR_DRAM_POWER_INFO (line 163) | pub const MSR_DRAM_POWER_INFO: u32 = 0x61c;
constant MSR_PP0_POWER_LIMIT (line 164) | pub const MSR_PP0_POWER_LIMIT: u32 = 0x638;
constant MSR_PP0_ENERGY_STATUS (line 165) | pub const MSR_PP0_ENERGY_STATUS: u32 = 0x639;
constant MSR_PP0_POLICY (line 166) | pub const MSR_PP0_POLICY: u32 = 0x63a;
constant MSR_PP0_PERF_STATUS (line 167) | pub const MSR_PP0_PERF_STATUS: u32 = 0x63b;
constant MSR_PP1_POWER_LIMIT (line 168) | pub const MSR_PP1_POWER_LIMIT: u32 = 0x640;
constant MSR_PP1_ENERGY_STATUS (line 169) | pub const MSR_PP1_ENERGY_STATUS: u32 = 0x641;
constant MSR_PP1_POLICY (line 170) | pub const MSR_PP1_POLICY: u32 = 0x642;
constant MSR_AMD_RAPL_POWER_UNIT (line 171) | pub const MSR_AMD_RAPL_POWER_UNIT: u32 = 0xc0010299;
constant MSR_AMD_CORE_ENERGY_STATUS (line 172) | pub const MSR_AMD_CORE_ENERGY_STATUS: u32 = 0xc001029a;
constant MSR_AMD_PKG_ENERGY_STATUS (line 173) | pub const MSR_AMD_PKG_ENERGY_STATUS: u32 = 0xc001029b;
constant MSR_CONFIG_TDP_NOMINAL (line 174) | pub const MSR_CONFIG_TDP_NOMINAL: u32 = 0x648;
constant MSR_CONFIG_TDP_LEVEL_1 (line 175) | pub const MSR_CONFIG_TDP_LEVEL_1: u32 = 0x649;
constant MSR_CONFIG_TDP_LEVEL_2 (line 176) | pub const MSR_CONFIG_TDP_LEVEL_2: u32 = 0x64a;
constant MSR_CONFIG_TDP_CONTROL (line 177) | pub const MSR_CONFIG_TDP_CONTROL: u32 = 0x64b;
constant MSR_TURBO_ACTIVATION_RATIO (line 178) | pub const MSR_TURBO_ACTIVATION_RATIO: u32 = 0x64c;
constant MSR_PLATFORM_ENERGY_STATUS (line 179) | pub const MSR_PLATFORM_ENERGY_STATUS: u32 = 0x64d;
constant MSR_SECONDARY_TURBO_RATIO_LIMIT (line 180) | pub const MSR_SECONDARY_TURBO_RATIO_LIMIT: u32 = 0x650;
constant MSR_PKG_WEIGHTED_CORE_C0_RES (line 181) | pub const MSR_PKG_WEIGHTED_CORE_C0_RES: u32 = 0x658;
constant MSR_PKG_ANY_CORE_C0_RES (line 182) | pub const MSR_PKG_ANY_CORE_C0_RES: u32 = 0x659;
constant MSR_PKG_ANY_GFXE_C0_RES (line 183) | pub const MSR_PKG_ANY_GFXE_C0_RES: u32 = 0x65a;
constant MSR_PKG_BOTH_CORE_GFXE_C0_RES (line 184) | pub const MSR_PKG_BOTH_CORE_GFXE_C0_RES: u32 = 0x65b;
constant MSR_CORE_C1_RES (line 185) | pub const MSR_CORE_C1_RES: u32 = 0x660;
constant MSR_MODULE_C6_RES_MS (line 186) | pub const MSR_MODULE_C6_RES_MS: u32 = 0x664;
constant MSR_CC6_DEMOTION_POLICY_CONFIG (line 187) | pub const MSR_CC6_DEMOTION_POLICY_CONFIG: u32 = 0x668;
constant MSR_MC6_DEMOTION_POLICY_CONFIG (line 188) | pub const MSR_MC6_DEMOTION_POLICY_CONFIG: u32 = 0x669;
constant MSR_ATOM_CORE_RATIOS (line 189) | pub const MSR_ATOM_CORE_RATIOS: u32 = 0x66a;
constant MSR_ATOM_CORE_VIDS (line 190) | pub const MSR_ATOM_CORE_VIDS: u32 = 0x66b;
constant MSR_ATOM_CORE_TURBO_RATIOS (line 191) | pub const MSR_ATOM_CORE_TURBO_RATIOS: u32 = 0x66c;
constant MSR_ATOM_CORE_TURBO_VIDS (line 192) | pub const MSR_ATOM_CORE_TURBO_VIDS: u32 = 0x66d;
constant MSR_CORE_PERF_LIMIT_REASONS (line 193) | pub const MSR_CORE_PERF_LIMIT_REASONS: u32 = 0x690;
constant MSR_GFX_PERF_LIMIT_REASONS (line 194) | pub const MSR_GFX_PERF_LIMIT_REASONS: u32 = 0x6b0;
constant MSR_RING_PERF_LIMIT_REASONS (line 195) | pub const MSR_RING_PERF_LIMIT_REASONS: u32 = 0x6b1;
constant MSR_IA32_U_CET (line 196) | pub const MSR_IA32_U_CET: u32 = 0x6a0;
constant MSR_IA32_S_CET (line 197) | pub const MSR_IA32_S_CET: u32 = 0x6a2;
constant MSR_IA32_PL0_SSP (line 198) | pub const MSR_IA32_PL0_SSP: u32 = 0x6a4;
constant MSR_IA32_PL1_SSP (line 199) | pub const MSR_IA32_PL1_SSP: u32 = 0x6a5;
constant MSR_IA32_PL2_SSP (line 200) | pub const MSR_IA32_PL2_SSP: u32 = 0x6a6;
constant MSR_IA32_PL3_SSP (line 201) | pub const MSR_IA32_PL3_SSP: u32 = 0x6a7;
constant MSR_IA32_INT_SSP_TAB (line 202) | pub const MSR_IA32_INT_SSP_TAB: u32 = 0x6a8;
constant MSR_PPERF (line 203) | pub const MSR_PPERF: u32 = 0x64e;
constant MSR_PERF_LIMIT_REASONS (line 204) | pub const MSR_PERF_LIMIT_REASONS: u32 = 0x64f;
constant MSR_PM_ENABLE (line 205) | pub const MSR_PM_ENABLE: u32 = 0x770;
constant MSR_HWP_CAPABILITIES (line 206) | pub const MSR_HWP_CAPABILITIES: u32 = 0x771;
constant MSR_HWP_REQUEST_PKG (line 207) | pub const MSR_HWP_REQUEST_PKG: u32 = 0x772;
constant MSR_HWP_INTERRUPT (line 208) | pub const MSR_HWP_INTERRUPT: u32 = 0x773;
constant MSR_HWP_REQUEST (line 209) | pub const MSR_HWP_REQUEST: u32 = 0x774;
constant MSR_HWP_STATUS (line 210) | pub const MSR_HWP_STATUS: u32 = 0x777;
constant MSR_AMD64_MC0_MASK (line 211) | pub const MSR_AMD64_MC0_MASK: u32 = 0xc0010044;
constant MSR_IA32_MC0_CTL2 (line 212) | pub const MSR_IA32_MC0_CTL2: u32 = 0x280;
constant MSR_P6_PERFCTR0 (line 213) | pub const MSR_P6_PERFCTR0: u32 = 0xc1;
constant MSR_P6_PERFCTR1 (line 214) | pub const MSR_P6_PERFCTR1: u32 = 0xc2;
constant MSR_P6_EVNTSEL0 (line 215) | pub const MSR_P6_EVNTSEL0: u32 = 0x186;
constant MSR_P6_EVNTSEL1 (line 216) | pub const MSR_P6_EVNTSEL1: u32 = 0x187;
constant MSR_KNC_PERFCTR0 (line 217) | pub const MSR_KNC_PERFCTR0: u32 = 0x20;
constant MSR_KNC_PERFCTR1 (line 218) | pub const MSR_KNC_PERFCTR1: u32 = 0x21;
constant MSR_KNC_EVNTSEL0 (line 219) | pub const MSR_KNC_EVNTSEL0: u32 = 0x28;
constant MSR_KNC_EVNTSEL1 (line 220) | pub const MSR_KNC_EVNTSEL1: u32 = 0x29;
constant MSR_IA32_PMC0 (line 221) | pub const MSR_IA32_PMC0: u32 = 0x4c1;
constant MSR_RELOAD_PMC0 (line 222) | pub const MSR_RELOAD_PMC0: u32 = 0x14c1;
constant MSR_RELOAD_FIXED_CTR0 (line 223) | pub const MSR_RELOAD_FIXED_CTR0: u32 = 0x1309;
constant MSR_IA32_PMC_V6_GP0_CTR (line 224) | pub const MSR_IA32_PMC_V6_GP0_CTR: u32 = 0x1900;
constant MSR_IA32_PMC_V6_GP0_CFG_A (line 225) | pub const MSR_IA32_PMC_V6_GP0_CFG_A: u32 = 0x1901;
constant MSR_IA32_PMC_V6_FX0_CTR (line 226) | pub const MSR_IA32_PMC_V6_FX0_CTR: u32 = 0x1980;
constant MSR_IA32_PMC_V6_STEP (line 227) | pub const MSR_IA32_PMC_V6_STEP: u32 = 0x4;
constant MSR_IA32_MKTME_KEYID_PARTITIONING (line 228) | pub const MSR_IA32_MKTME_KEYID_PARTITIONING: u32 = 0x87;
constant MSR_AMD64_PATCH_LEVEL (line 229) | pub const MSR_AMD64_PATCH_LEVEL: u32 = 0x8b;
constant MSR_AMD64_TSC_RATIO (line 230) | pub const MSR_AMD64_TSC_RATIO: u32 = 0xc0000104;
constant MSR_AMD64_NB_CFG (line 231) | pub const MSR_AMD64_NB_CFG: u32 = 0xc001001f;
constant MSR_AMD64_PATCH_LOADER (line 232) | pub const MSR_AMD64_PATCH_LOADER: u32 = 0xc0010020;
constant MSR_AMD_PERF_CTL (line 233) | pub const MSR_AMD_PERF_CTL: u32 = 0xc0010062;
constant MSR_AMD_PERF_STATUS (line 234) | pub const MSR_AMD_PERF_STATUS: u32 = 0xc0010063;
constant MSR_AMD_PSTATE_DEF_BASE (line 235) | pub const MSR_AMD_PSTATE_DEF_BASE: u32 = 0xc0010064;
constant MSR_AMD64_OSVW_ID_LENGTH (line 236) | pub const MSR_AMD64_OSVW_ID_LENGTH: u32 = 0xc0010140;
constant MSR_AMD64_OSVW_STATUS (line 237) | pub const MSR_AMD64_OSVW_STATUS: u32 = 0xc0010141;
constant MSR_AMD_PPIN_CTL (line 238) | pub const MSR_AMD_PPIN_CTL: u32 = 0xc00102f0;
constant MSR_AMD_PPIN (line 239) | pub const MSR_AMD_PPIN: u32 = 0xc00102f1;
constant MSR_AMD64_CPUID_FN_1 (line 240) | pub const MSR_AMD64_CPUID_FN_1: u32 = 0xc0011004;
constant MSR_AMD64_LS_CFG (line 241) | pub const MSR_AMD64_LS_CFG: u32 = 0xc0011020;
constant MSR_AMD64_DC_CFG (line 242) | pub const MSR_AMD64_DC_CFG: u32 = 0xc0011022;
constant MSR_AMD64_TW_CFG (line 243) | pub const MSR_AMD64_TW_CFG: u32 = 0xc0011023;
constant MSR_AMD64_DE_CFG (line 244) | pub const MSR_AMD64_DE_CFG: u32 = 0xc0011029;
constant MSR_AMD64_DE_CFG_LFENCE_SERIALIZE_BIT (line 245) | pub const MSR_AMD64_DE_CFG_LFENCE_SERIALIZE_BIT: u32 = 0x1;
constant MSR_AMD64_DE_CFG_ZEN2_FP_BACKUP_FIX_BIT (line 246) | pub const MSR_AMD64_DE_CFG_ZEN2_FP_BACKUP_FIX_BIT: u32 = 0x9;
constant MSR_AMD64_BU_CFG2 (line 247) | pub const MSR_AMD64_BU_CFG2: u32 = 0xc001102a;
constant MSR_AMD64_IBSFETCHCTL (line 248) | pub const MSR_AMD64_IBSFETCHCTL: u32 = 0xc0011030;
constant MSR_AMD64_IBSFETCHLINAD (line 249) | pub const MSR_AMD64_IBSFETCHLINAD: u32 = 0xc0011031;
constant MSR_AMD64_IBSFETCHPHYSAD (line 250) | pub const MSR_AMD64_IBSFETCHPHYSAD: u32 = 0xc0011032;
constant MSR_AMD64_IBSFETCH_REG_COUNT (line 251) | pub const MSR_AMD64_IBSFETCH_REG_COUNT: u32 = 0x3;
constant MSR_AMD64_IBSFETCH_REG_MASK (line 252) | pub const MSR_AMD64_IBSFETCH_REG_MASK: u32 = 0x7;
constant MSR_AMD64_IBSOPCTL (line 253) | pub const MSR_AMD64_IBSOPCTL: u32 = 0xc0011033;
constant MSR_AMD64_IBSOPRIP (line 254) | pub const MSR_AMD64_IBSOPRIP: u32 = 0xc0011034;
constant MSR_AMD64_IBSOPDATA (line 255) | pub const MSR_AMD64_IBSOPDATA: u32 = 0xc0011035;
constant MSR_AMD64_IBSOPDATA2 (line 256) | pub const MSR_AMD64_IBSOPDATA2: u32 = 0xc0011036;
constant MSR_AMD64_IBSOPDATA3 (line 257) | pub const MSR_AMD64_IBSOPDATA3: u32 = 0xc0011037;
constant MSR_AMD64_IBSDCLINAD (line 258) | pub const MSR_AMD64_IBSDCLINAD: u32 = 0xc0011038;
constant MSR_AMD64_IBSDCPHYSAD (line 259) | pub const MSR_AMD64_IBSDCPHYSAD: u32 = 0xc0011039;
constant MSR_AMD64_IBSOP_REG_COUNT (line 260) | pub const MSR_AMD64_IBSOP_REG_COUNT: u32 = 0x7;
constant MSR_AMD64_IBSOP_REG_MASK (line 261) | pub const MSR_AMD64_IBSOP_REG_MASK: u32 = 0x7f;
constant MSR_AMD64_IBSCTL (line 262) | pub const MSR_AMD64_IBSCTL: u32 = 0xc001103a;
constant MSR_AMD64_IBSBRTARGET (line 263) | pub const MSR_AMD64_IBSBRTARGET: u32 = 0xc001103b;
constant MSR_AMD64_ICIBSEXTDCTL (line 264) | pub const MSR_AMD64_ICIBSEXTDCTL: u32 = 0xc001103c;
constant MSR_AMD64_IBSOPDATA4 (line 265) | pub const MSR_AMD64_IBSOPDATA4: u32 = 0xc001103d;
constant MSR_AMD64_IBS_REG_COUNT_MAX (line 266) | pub const MSR_AMD64_IBS_REG_COUNT_MAX: u32 = 0x8;
constant MSR_AMD64_SVM_AVIC_DOORBELL (line 267) | pub const MSR_AMD64_SVM_AVIC_DOORBELL: u32 = 0xc001011b;
constant MSR_AMD64_VM_PAGE_FLUSH (line 268) | pub const MSR_AMD64_VM_PAGE_FLUSH: u32 = 0xc001011e;
constant MSR_AMD64_SEV_ES_GHCB (line 269) | pub const MSR_AMD64_SEV_ES_GHCB: u32 = 0xc0010130;
constant MSR_AMD64_SEV (line 270) | pub const MSR_AMD64_SEV: u32 = 0xc0010131;
constant MSR_AMD64_SEV_ENABLED_BIT (line 271) | pub const MSR_AMD64_SEV_ENABLED_BIT: u32 = 0x0;
constant MSR_AMD64_SEV_ES_ENABLED_BIT (line 272) | pub const MSR_AMD64_SEV_ES_ENABLED_BIT: u32 = 0x1;
constant MSR_AMD64_SEV_SNP_ENABLED_BIT (line 273) | pub const MSR_AMD64_SEV_SNP_ENABLED_BIT: u32 = 0x2;
constant MSR_AMD64_SNP_VTOM_BIT (line 274) | pub const MSR_AMD64_SNP_VTOM_BIT: u32 = 0x3;
constant MSR_AMD64_SNP_REFLECT_VC_BIT (line 275) | pub const MSR_AMD64_SNP_REFLECT_VC_BIT: u32 = 0x4;
constant MSR_AMD64_SNP_RESTRICTED_INJ_BIT (line 276) | pub const MSR_AMD64_SNP_RESTRICTED_INJ_BIT: u32 = 0x5;
constant MSR_AMD64_SNP_ALT_INJ_BIT (line 277) | pub const MSR_AMD64_SNP_ALT_INJ_BIT: u32 = 0x6;
constant MSR_AMD64_SNP_DEBUG_SWAP_BIT (line 278) | pub const MSR_AMD64_SNP_DEBUG_SWAP_BIT: u32 = 0x7;
constant MSR_AMD64_SNP_PREVENT_HOST_IBS_BIT (line 279) | pub const MSR_AMD64_SNP_PREVENT_HOST_IBS_BIT: u32 = 0x8;
constant MSR_AMD64_SNP_BTB_ISOLATION_BIT (line 280) | pub const MSR_AMD64_SNP_BTB_ISOLATION_BIT: u32 = 0x9;
constant MSR_AMD64_SNP_VMPL_SSS_BIT (line 281) | pub const MSR_AMD64_SNP_VMPL_SSS_BIT: u32 = 0xa;
constant MSR_AMD64_SNP_SECURE_TSC_BIT (line 282) | pub const MSR_AMD64_SNP_SECURE_TSC_BIT: u32 = 0xb;
constant MSR_AMD64_SNP_VMGEXIT_PARAM_BIT (line 283) | pub const MSR_AMD64_SNP_VMGEXIT_PARAM_BIT: u32 = 0xc;
constant MSR_AMD64_SNP_IBS_VIRT_BIT (line 284) | pub const MSR_AMD64_SNP_IBS_VIRT_BIT: u32 = 0xe;
constant MSR_AMD64_SNP_VMSA_REG_PROT_BIT (line 285) | pub const MSR_AMD64_SNP_VMSA_REG_PROT_BIT: u32 = 0x10;
constant MSR_AMD64_SNP_SMT_PROT_BIT (line 286) | pub const MSR_AMD64_SNP_SMT_PROT_BIT: u32 = 0x11;
constant MSR_AMD64_SNP_RESV_BIT (line 287) | pub const MSR_AMD64_SNP_RESV_BIT: u32 = 0x12;
constant MSR_AMD64_VIRT_SPEC_CTRL (line 288) | pub const MSR_AMD64_VIRT_SPEC_CTRL: u32 = 0xc001011f;
constant MSR_AMD64_RMP_BASE (line 289) | pub const MSR_AMD64_RMP_BASE: u32 = 0xc0010132;
constant MSR_AMD64_RMP_END (line 290) | pub const MSR_AMD64_RMP_END: u32 = 0xc0010133;
constant MSR_SVSM_CAA (line 291) | pub const MSR_SVSM_CAA: u32 = 0xc001f000;
constant MSR_AMD_CPPC_CAP1 (line 292) | pub const MSR_AMD_CPPC_CAP1: u32 = 0xc00102b0;
constant MSR_AMD_CPPC_ENABLE (line 293) | pub const MSR_AMD_CPPC_ENABLE: u32 = 0xc00102b1;
constant MSR_AMD_CPPC_CAP2 (line 294) | pub const MSR_AMD_CPPC_CAP2: u32 = 0xc00102b2;
constant MSR_AMD_CPPC_REQ (line 295) | pub const MSR_AMD_CPPC_REQ: u32 = 0xc00102b3;
constant MSR_AMD_CPPC_STATUS (line 296) | pub const MSR_AMD_CPPC_STATUS: u32 = 0xc00102b4;
constant MSR_AMD64_PERF_CNTR_GLOBAL_STATUS (line 297) | pub const MSR_AMD64_PERF_CNTR_GLOBAL_STATUS: u32 = 0xc0000300;
constant MSR_AMD64_PERF_CNTR_GLOBAL_CTL (line 298) | pub const MSR_AMD64_PERF_CNTR_GLOBAL_CTL: u32 = 0xc0000301;
constant MSR_AMD64_PERF_CNTR_GLOBAL_STATUS_CLR (line 299) | pub const MSR_AMD64_PERF_CNTR_GLOBAL_STATUS_CLR: u32 = 0xc0000302;
constant MSR_AMD64_LBR_SELECT (line 300) | pub const MSR_AMD64_LBR_SELECT: u32 = 0xc000010e;
constant MSR_ZEN4_BP_CFG (line 301) | pub const MSR_ZEN4_BP_CFG: u32 = 0xc001102e;
constant MSR_ZEN4_BP_CFG_SHARED_BTB_FIX_BIT (line 302) | pub const MSR_ZEN4_BP_CFG_SHARED_BTB_FIX_BIT: u32 = 0x5;
constant MSR_F19H_UMC_PERF_CTL (line 303) | pub const MSR_F19H_UMC_PERF_CTL: u32 = 0xc0010800;
constant MSR_F19H_UMC_PERF_CTR (line 304) | pub const MSR_F19H_UMC_PERF_CTR: u32 = 0xc0010801;
constant MSR_ZEN2_SPECTRAL_CHICKEN (line 305) | pub const MSR_ZEN2_SPECTRAL_CHICKEN: u32 = 0xc00110e3;
constant MSR_F17H_IRPERF (line 306) | pub const MSR_F17H_IRPERF: u32 = 0xc00000e9;
constant MSR_F16H_L2I_PERF_CTL (line 307) | pub const MSR_F16H_L2I_PERF_CTL: u32 = 0xc0010230;
constant MSR_F16H_L2I_PERF_CTR (line 308) | pub const MSR_F16H_L2I_PERF_CTR: u32 = 0xc0010231;
constant MSR_F16H_DR1_ADDR_MASK (line 309) | pub const MSR_F16H_DR1_ADDR_MASK: u32 = 0xc0011019;
constant MSR_F16H_DR2_ADDR_MASK (line 310) | pub const MSR_F16H_DR2_ADDR_MASK: u32 = 0xc001101a;
constant MSR_F16H_DR3_ADDR_MASK (line 311) | pub const MSR_F16H_DR3_ADDR_MASK: u32 = 0xc001101b;
constant MSR_F16H_DR0_ADDR_MASK (line 312) | pub const MSR_F16H_DR0_ADDR_MASK: u32 = 0xc0011027;
constant MSR_F15H_CU_PWR_ACCUMULATOR (line 313) | pub const MSR_F15H_CU_PWR_ACCUMULATOR: u32 = 0xc001007a;
constant MSR_F15H_CU_MAX_PWR_ACCUMULATOR (line 314) | pub const MSR_F15H_CU_MAX_PWR_ACCUMULATOR: u32 = 0xc001007b;
constant MSR_F15H_PERF_CTL (line 315) | pub const MSR_F15H_PERF_CTL: u32 = 0xc0010200;
constant MSR_F15H_PERF_CTL0 (line 316) | pub const MSR_F15H_PERF_CTL0: u32 = 0xc0010200;
constant MSR_F15H_PERF_CTL1 (line 317) | pub const MSR_F15H_PERF_CTL1: u32 = 0xc0010202;
constant MSR_F15H_PERF_CTL2 (line 318) | pub const MSR_F15H_PERF_CTL2: u32 = 0xc0010204;
constant MSR_F15H_PERF_CTL3 (line 319) | pub const MSR_F15H_PERF_CTL3: u32 = 0xc0010206;
constant MSR_F15H_PERF_CTL4 (line 320) | pub const MSR_F15H_PERF_CTL4: u32 = 0xc0010208;
constant MSR_F15H_PERF_CTL5 (line 321) | pub const MSR_F15H_PERF_CTL5: u32 = 0xc001020a;
constant MSR_F15H_PERF_CTR (line 322) | pub const MSR_F15H_PERF_CTR: u32 = 0xc0010201;
constant MSR_F15H_PERF_CTR0 (line 323) | pub const MSR_F15H_PERF_CTR0: u32 = 0xc0010201;
constant MSR_F15H_PERF_CTR1 (line 324) | pub const MSR_F15H_PERF_CTR1: u32 = 0xc0010203;
constant MSR_F15H_PERF_CTR2 (line 325) | pub const MSR_F15H_PERF_CTR2: u32 = 0xc0010205;
constant MSR_F15H_PERF_CTR3 (line 326) | pub const MSR_F15H_PERF_CTR3: u32 = 0xc0010207;
constant MSR_F15H_PERF_CTR4 (line 327) | pub const MSR_F15H_PERF_CTR4: u32 = 0xc0010209;
constant MSR_F15H_PERF_CTR5 (line 328) | pub const MSR_F15H_PERF_CTR5: u32 = 0xc001020b;
constant MSR_F15H_NB_PERF_CTL (line 329) | pub const MSR_F15H_NB_PERF_CTL: u32 = 0xc0010240;
constant MSR_F15H_NB_PERF_CTR (line 330) | pub const MSR_F15H_NB_PERF_CTR: u32 = 0xc0010241;
constant MSR_F15H_PTSC (line 331) | pub const MSR_F15H_PTSC: u32 = 0xc0010280;
constant MSR_F15H_IC_CFG (line 332) | pub const MSR_F15H_IC_CFG: u32 = 0xc0011021;
constant MSR_F15H_EX_CFG (line 333) | pub const MSR_F15H_EX_CFG: u32 = 0xc001102c;
constant MSR_FAM10H_MMIO_CONF_BASE (line 334) | pub const MSR_FAM10H_MMIO_CONF_BASE: u32 = 0xc0010058;
constant MSR_FAM10H_NODE_ID (line 335) | pub const MSR_FAM10H_NODE_ID: u32 = 0xc001100c;
constant MSR_K8_TOP_MEM1 (line 336) | pub const MSR_K8_TOP_MEM1: u32 = 0xc001001a;
constant MSR_K8_TOP_MEM2 (line 337) | pub const MSR_K8_TOP_MEM2: u32 = 0xc001001d;
constant MSR_AMD64_SYSCFG (line 338) | pub const MSR_AMD64_SYSCFG: u32 = 0xc0010010;
constant MSR_AMD64_SYSCFG_MEM_ENCRYPT_BIT (line 339) | pub const MSR_AMD64_SYSCFG_MEM_ENCRYPT_BIT: u32 = 0x17;
constant MSR_AMD64_SYSCFG_SNP_EN_BIT (line 340) | pub const MSR_AMD64_SYSCFG_SNP_EN_BIT: u32 = 0x18;
constant MSR_AMD64_SYSCFG_SNP_VMPL_EN_BIT (line 341) | pub const MSR_AMD64_SYSCFG_SNP_VMPL_EN_BIT: u32 = 0x19;
constant MSR_AMD64_SYSCFG_MFDM_BIT (line 342) | pub const MSR_AMD64_SYSCFG_MFDM_BIT: u32 = 0x13;
constant MSR_K8_INT_PENDING_MSG (line 343) | pub const MSR_K8_INT_PENDING_MSG: u32 = 0xc0010055;
constant MSR_K8_TSEG_ADDR (line 344) | pub const MSR_K8_TSEG_ADDR: u32 = 0xc0010112;
constant MSR_K8_TSEG_MASK (line 345) | pub const MSR_K8_TSEG_MASK: u32 = 0xc0010113;
constant MSR_K7_EVNTSEL0 (line 346) | pub const MSR_K7_EVNTSEL0: u32 = 0xc0010000;
constant MSR_K7_PERFCTR0 (line 347) | pub const MSR_K7_PERFCTR0: u32 = 0xc0010004;
constant MSR_K7_EVNTSEL1 (line 348) | pub const MSR_K7_EVNTSEL1: u32 = 0xc0010001;
constant MSR_K7_PERFCTR1 (line 349) | pub const MSR_K7_PERFCTR1: u32 = 0xc0010005;
constant MSR_K7_EVNTSEL2 (line 350) | pub const MSR_K7_EVNTSEL2: u32 = 0xc0010002;
constant MSR_K7_PERFCTR2 (line 351) | pub const MSR_K7_PERFCTR2: u32 = 0xc0010006;
constant MSR_K7_EVNTSEL3 (line 352) | pub const MSR_K7_EVNTSEL3: u32 = 0xc0010003;
constant MSR_K7_PERFCTR3 (line 353) | pub const MSR_K7_PERFCTR3: u32 = 0xc0010007;
constant MSR_K7_CLK_CTL (line 354) | pub const MSR_K7_CLK_CTL: u32 = 0xc001001b;
constant MSR_K7_HWCR (line 355) | pub const MSR_K7_HWCR: u32 = 0xc0010015;
constant MSR_K7_HWCR_SMMLOCK_BIT (line 356) | pub const MSR_K7_HWCR_SMMLOCK_BIT: u32 = 0x0;
constant MSR_K7_HWCR_IRPERF_EN_BIT (line 357) | pub const MSR_K7_HWCR_IRPERF_EN_BIT: u32 = 0x1e;
constant MSR_K7_FID_VID_CTL (line 358) | pub const MSR_K7_FID_VID_CTL: u32 = 0xc0010041;
constant MSR_K7_FID_VID_STATUS (line 359) | pub const MSR_K7_FID_VID_STATUS: u32 = 0xc0010042;
constant MSR_K7_HWCR_CPB_DIS_BIT (line 360) | pub const MSR_K7_HWCR_CPB_DIS_BIT: u32 = 0x19;
constant MSR_K6_WHCR (line 361) | pub const MSR_K6_WHCR: u32 = 0xc0000082;
constant MSR_K6_UWCCR (line 362) | pub const MSR_K6_UWCCR: u32 = 0xc0000085;
constant MSR_K6_EPMR (line 363) | pub const MSR_K6_EPMR: u32 = 0xc0000086;
constant MSR_K6_PSOR (line 364) | pub const MSR_K6_PSOR: u32 = 0xc0000087;
constant MSR_K6_PFIR (line 365) | pub const MSR_K6_PFIR: u32 = 0xc0000088;
constant MSR_IDT_FCR1 (line 366) | pub const MSR_IDT_FCR1: u32 = 0x107;
constant MSR_IDT_FCR2 (line 367) | pub const MSR_IDT_FCR2: u32 = 0x108;
constant MSR_IDT_FCR3 (line 368) | pub const MSR_IDT_FCR3: u32 = 0x109;
constant MSR_IDT_FCR4 (line 369) | pub const MSR_IDT_FCR4: u32 = 0x10a;
constant MSR_IDT_MCR0 (line 370) | pub const MSR_IDT_MCR0: u32 = 0x110;
constant MSR_IDT_MCR1 (line 371) | pub const MSR_IDT_MCR1: u32 = 0x111;
constant MSR_IDT_MCR2 (line 372) | pub const MSR_IDT_MCR2: u32 = 0x112;
constant MSR_IDT_MCR3 (line 373) | pub const MSR_IDT_MCR3: u32 = 0x113;
constant MSR_IDT_MCR4 (line 374) | pub const MSR_IDT_MCR4: u32 = 0x114;
constant MSR_IDT_MCR5 (line 375) | pub const MSR_IDT_MCR5: u32 = 0x115;
constant MSR_IDT_MCR6 (line 376) | pub const MSR_IDT_MCR6: u32 = 0x116;
constant MSR_IDT_MCR7 (line 377) | pub const MSR_IDT_MCR7: u32 = 0x117;
constant MSR_IDT_MCR_CTRL (line 378) | pub const MSR_IDT_MCR_CTRL: u32 = 0x120;
constant MSR_VIA_FCR (line 379) | pub const MSR_VIA_FCR: u32 = 0x1107;
constant MSR_VIA_LONGHAUL (line 380) | pub const MSR_VIA_LONGHAUL: u32 = 0x110a;
constant MSR_VIA_RNG (line 381) | pub const MSR_VIA_RNG: u32 = 0x110b;
constant MSR_VIA_BCR2 (line 382) | pub const MSR_VIA_BCR2: u32 = 0x1147;
constant MSR_TMTA_LONGRUN_CTRL (line 383) | pub const MSR_TMTA_LONGRUN_CTRL: u32 = 0x80868010;
constant MSR_TMTA_LONGRUN_FLAGS (line 384) | pub const MSR_TMTA_LONGRUN_FLAGS: u32 = 0x80868011;
constant MSR_TMTA_LRTI_READOUT (line 385) | pub const MSR_TMTA_LRTI_READOUT: u32 = 0x80868018;
constant MSR_TMTA_LRTI_VOLT_MHZ (line 386) | pub const MSR_TMTA_LRTI_VOLT_MHZ: u32 = 0x8086801a;
constant MSR_IA32_P5_MC_ADDR (line 387) | pub const MSR_IA32_P5_MC_ADDR: u32 = 0x0;
constant MSR_IA32_P5_MC_TYPE (line 388) | pub const MSR_IA32_P5_MC_TYPE: u32 = 0x1;
constant MSR_IA32_TSC (line 389) | pub const MSR_IA32_TSC: u32 = 0x10;
constant MSR_IA32_PLATFORM_ID (line 390) | pub const MSR_IA32_PLATFORM_ID: u32 = 0x17;
constant MSR_IA32_EBL_CR_POWERON (line 391) | pub const MSR_IA32_EBL_CR_POWERON: u32 = 0x2a;
constant MSR_EBC_FREQUENCY_ID (line 392) | pub const MSR_EBC_FREQUENCY_ID: u32 = 0x2c;
constant MSR_SMI_COUNT (line 393) | pub const MSR_SMI_COUNT: u32 = 0x34;
constant MSR_IA32_FEAT_CTL (line 394) | pub const MSR_IA32_FEAT_CTL: u32 = 0x3a;
constant MSR_IA32_TSC_ADJUST (line 395) | pub const MSR_IA32_TSC_ADJUST: u32 = 0x3b;
constant MSR_IA32_BNDCFGS (line 396) | pub const MSR_IA32_BNDCFGS: u32 = 0xd90;
constant MSR_IA32_BNDCFGS_RSVD (line 397) | pub const MSR_IA32_BNDCFGS_RSVD: u32 = 0xffc;
constant MSR_IA32_XFD (line 398) | pub const MSR_IA32_XFD: u32 = 0x1c4;
constant MSR_IA32_XFD_ERR (line 399) | pub const MSR_IA32_XFD_ERR: u32 = 0x1c5;
constant MSR_IA32_XSS (line 400) | pub const MSR_IA32_XSS: u32 = 0xda0;
constant MSR_IA32_APICBASE (line 401) | pub const MSR_IA32_APICBASE: u32 = 0x1b;
constant MSR_IA32_APICBASE_BSP (line 402) | pub const MSR_IA32_APICBASE_BSP: u32 = 0x100;
constant MSR_IA32_APICBASE_ENABLE (line 403) | pub const MSR_IA32_APICBASE_ENABLE: u32 = 0x800;
constant MSR_IA32_APICBASE_BASE (line 404) | pub const MSR_IA32_APICBASE_BASE: u32 = 0xfffff000;
constant MSR_IA32_UCODE_WRITE (line 405) | pub const MSR_IA32_UCODE_WRITE: u32 = 0x79;
constant MSR_IA32_UCODE_REV (line 406) | pub const MSR_IA32_UCODE_REV: u32 = 0x8b;
constant MSR_IA32_SGXLEPUBKEYHASH0 (line 407) | pub const MSR_IA32_SGXLEPUBKEYHASH0: u32 = 0x8c;
constant MSR_IA32_SGXLEPUBKEYHASH1 (line 408) | pub const MSR_IA32_SGXLEPUBKEYHASH1: u32 = 0x8d;
constant MSR_IA32_SGXLEPUBKEYHASH2 (line 409)
Condensed preview — 755 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (7,960K chars).
[
{
"path": ".buildkite/common.py",
"chars": 13642,
"preview": "# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifier: Apache-2.0\n\n\"\"\"\nCom"
},
{
"path": ".buildkite/pipeline_coverage.py",
"chars": 460,
"preview": "#!/usr/bin/env python3\n# Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifi"
},
{
"path": ".buildkite/pipeline_cpu_template.py",
"chars": 5749,
"preview": "#!/usr/bin/env python3\n# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifi"
},
{
"path": ".buildkite/pipeline_cross.py",
"chars": 3809,
"preview": "#!/usr/bin/env python3\n# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifi"
},
{
"path": ".buildkite/pipeline_docker_popular.py",
"chars": 1111,
"preview": "#!/usr/bin/env python3\n# Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifi"
},
{
"path": ".buildkite/pipeline_perf.py",
"chars": 7054,
"preview": "#!/usr/bin/env python3\n# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifi"
},
{
"path": ".buildkite/pipeline_pr.py",
"chars": 2815,
"preview": "#!/usr/bin/env python3\n# Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifi"
},
{
"path": ".buildkite/pipeline_pr_no_block.py",
"chars": 905,
"preview": "#!/usr/bin/env python3\n# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifi"
},
{
"path": ".buildkite/pipeline_release_qa.py",
"chars": 2552,
"preview": "#!/usr/bin/env python3\n# Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifi"
},
{
"path": ".cargo/audit.toml",
"chars": 347,
"preview": "[advisories]\n# The `paste` dependency is transitively included via `gdbstub`.\n# While the crate is archived/unmaintained"
},
{
"path": ".cargo/config.toml",
"chars": 310,
"preview": "[build]\ntarget-dir = \"build/cargo_target\"\nrustflags = [\n \"-Ccodegen-units=1\",\n]\n\n[net]\ngit-fetch-with-cli = true\n\n[env]"
},
{
"path": ".dockerignore",
"chars": 87,
"preview": ".git/\nbuild/\nsrc/\ntests/\ndocs/\nresources/\ntools/test-popular-containers/\ntest_results/\n"
},
{
"path": ".git-blame-ignore-revs",
"chars": 205,
"preview": "8d2463fa21386d6c0c90b2010aaee5550b505c87\nae93e49470433648b144a64514eef708cce15143\n45739f4b57b7b824473b612aefebec8b7c2e31"
},
{
"path": ".github/CODEOWNERS",
"chars": 637,
"preview": "# All markdown files\n*.md @xmarcalx @kalyazin @pb8o @Manciukic\n\n# But not the ones in docs/\ndocs/*.md\n\n# Except these sp"
},
{
"path": ".github/ISSUE_TEMPLATE/bug_report.md",
"chars": 1083,
"preview": "---\nname: Bug report\nabout: Create a report to help us improve\ntitle: '[Bug] Title'\nlabels: 'Quality: Bug'\nassignees: ''"
},
{
"path": ".github/ISSUE_TEMPLATE/feature_request.md",
"chars": 907,
"preview": "---\nname: Feature request\nabout: Suggest an idea for this project\ntitle: '[Feature Request] Title'\nlabels: ''\nassignees:"
},
{
"path": ".github/codecov.yml",
"chars": 909,
"preview": "codecov:\n # We utilize optional statuses that are okay to fail, so\n # having codecov only post if all statuses pass wo"
},
{
"path": ".github/dependabot.yml",
"chars": 875,
"preview": "version: 2\nupdates:\n - package-ecosystem: \"cargo\"\n directory: \"/\"\n schedule:\n interval: \"weekly\"\n day: "
},
{
"path": ".github/pull_request_template.md",
"chars": 1565,
"preview": "## Changes\n\n...\n\n## Reason\n\n...\n\n## License Acceptance\n\nBy submitting this pull request, I confirm that my contribution "
},
{
"path": ".github/workflows/deny_dirty_cargo_locks.yml",
"chars": 1099,
"preview": "name: Check no Cargo.lock files are dirty\n\non: pull_request\n\n\npermissions:\n contents: read\n\njobs:\n no_dirty_cargo_lock"
},
{
"path": ".github/workflows/dependency_modification_check.yml",
"chars": 481,
"preview": "name: Check no dependencies were modified\n\non: pull_request\n\n\npermissions:\n contents: read\n\njobs:\n dependency_changed_"
},
{
"path": ".github/workflows/monitor_libseccomp_releases.yml",
"chars": 2779,
"preview": "name: Monitor libseccomp Releases\n\non:\n schedule:\n - cron: '0 0 * * *' # Daily at midnight UTC\n workflow_dispatch:"
},
{
"path": ".github/workflows/send_pr_notification.yml",
"chars": 790,
"preview": "name: Send notification on PR opened\n\non:\n pull_request_target:\n types: [labeled]\n\n\npermissions: {}\n\njobs:\n send_no"
},
{
"path": ".github/workflows/send_release_notification.yml",
"chars": 497,
"preview": "name: Send notification on release created\n\non:\n release:\n types: [published]\n\n\npermissions: {}\n\njobs:\n send_notifi"
},
{
"path": ".github/workflows/trigger_ab_tests.yml",
"chars": 1950,
"preview": "on:\n push:\n branches:\n - main\n - firecracker-v*\n - feature/*\n\n\npermissions:\n contents: read\n\njobs:\n "
},
{
"path": ".gitignore",
"chars": 189,
"preview": "/build/\n/.ipython/\n/.kernel/\ntarget\n*.rs.bk\n*.iml\n.idea\n__pycache__\n*.pyc\n.vscode\ntest_results/*\ntags\n*.core\n*.profraw\n."
},
{
"path": ".gitlint",
"chars": 675,
"preview": "[general]\nregex-style-search=True\n\n[title-max-length]\nline-length=72\n\n[body-max-line-length]\nline-length=72\n\n[ignore-bod"
},
{
"path": ".mailmap",
"chars": 2317,
"preview": "Alexandra Iordache <aghecen@amazon.com> Alexandra Ghecenco <aghecen@amazon.com>\nAlexandru Branciog <branciog@amazon.com>"
},
{
"path": ".mdformat.toml",
"chars": 131,
"preview": "wrap = 80\n# Defaults from https://mdformat.readthedocs.io/en/stable/users/configuration_file.html\nnumber = false\nend_of_"
},
{
"path": ".python-version",
"chars": 8,
"preview": "3.10.14\n"
},
{
"path": "CHANGELOG.md",
"chars": 90321,
"preview": "# Changelog\n\nAll notable changes to this project will be documented in this file.\n\nThe format is based on [Keep a Change"
},
{
"path": "CHARTER.md",
"chars": 1585,
"preview": "# Firecracker Charter\n\n## Mission\n\nOur mission is to enable secure, multi-tenant, minimal-overhead execution of\ncontaine"
},
{
"path": "CODE_OF_CONDUCT.md",
"chars": 355,
"preview": "# Code of Conduct\n\nThis project has adopted the\n[Amazon Open Source Code of Conduct](https://aws.github.io/code-of-condu"
},
{
"path": "CONTRIBUTING.md",
"chars": 9478,
"preview": "# Contributions Welcome\n\nFirecracker is running serverless workloads at scale within AWS, but it's still\nday 1 on the jo"
},
{
"path": "CREDITS.md",
"chars": 11559,
"preview": "# Firecracker Credits and Thanks\n\n(This file is autogenerated using [update-credits.sh](tools/update-credits.sh).)\n\nFire"
},
{
"path": "Cargo.toml",
"chars": 1178,
"preview": "[workspace]\nmembers = [\"src/*\"]\n# We exclude the jailer below so that it does not get build by default. This is because "
},
{
"path": "DEPRECATED.md",
"chars": 1425,
"preview": "# Deprecated Features\n\nThe following functionality of Firecracker is deprecated, and will be removed in\na future major F"
},
{
"path": "FAQ.md",
"chars": 12077,
"preview": "# Firecracker Frequently Asked Questions\n\n## About Firecracker\n\n### What is Firecracker?\n\nFirecracker is an open source "
},
{
"path": "LICENSE",
"chars": 11358,
"preview": "\n Apache License\n Version 2.0, January 2004\n "
},
{
"path": "MAINTAINERS.md",
"chars": 381,
"preview": "# Maintainers\n\nFirecracker is maintained by a dedicated team within Amazon:\n\n- Babis Chalios <bchalios@amazon.com>\n- Ego"
},
{
"path": "NOTICE",
"chars": 535,
"preview": "Firecracker\nCopyright 2017-2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.\nSPDX-License-Identifier: Apache"
},
{
"path": "PGP-KEY.asc",
"chars": 1417,
"preview": "-----BEGIN PGP PUBLIC KEY BLOCK-----\n\nmDMEXoNLVhYJKwYBBAHaRw8BAQdA/RBM+jgzq6EXzTc7zDmDgcSNENKJqZ7djI7G\nIz1Os720TkZpcmVjc"
},
{
"path": "README.md",
"chars": 8769,
"preview": "<picture>\n <source media=\"(prefers-color-scheme: dark)\" srcset=\"docs/images/fc_logo_full_transparent-bg_white-fg.png\">"
},
{
"path": "SECURITY.md",
"chars": 524,
"preview": "## Reporting Security Issues\n\nWe take all security reports seriously. When we receive such reports, we will\ninvestigate "
},
{
"path": "SPECIFICATION.md",
"chars": 3816,
"preview": "# Specification\n\nThe specifications below quantify Firecracker's promise to enable\nminimal-overhead execution of contain"
},
{
"path": "THIRD-PARTY",
"chars": 1562,
"preview": "// Copyright 2017 The Chromium OS Authors. All rights reserved.\n//\n// Redistribution and use in source and binary forms,"
},
{
"path": "deny.toml",
"chars": 197,
"preview": "[licenses]\nversion = 2\nallow = [\n \"MIT\",\n \"Apache-2.0\",\n \"BSD-3-Clause\",\n \"ISC\",\n \"Unicode-3.0\",\n \"Ope"
},
{
"path": "docs/RELEASE_POLICY.md",
"chars": 7755,
"preview": "# Firecracker Release Policy\n\nThis document describes Firecracker release planning, API support, and the\nFirecracker rel"
},
{
"path": "docs/api-change-runbook.md",
"chars": 13141,
"preview": "# Runbook for Firecracker API changes\n\nThis runbook will cover triaging API changes and ways to implement them\nappropria"
},
{
"path": "docs/api_requests/actions.md",
"chars": 1928,
"preview": "# Actions API Request\n\nFirecracker microVMs can execute actions that can be triggered via `PUT`\nrequests on the `/action"
},
{
"path": "docs/api_requests/block-caching.md",
"chars": 2376,
"preview": "# Block device caching strategies\n\nFirecracker offers the possiblity of choosing the block device caching strategy.\nCach"
},
{
"path": "docs/api_requests/block-io-engine.md",
"chars": 6129,
"preview": "# Block device IO engine\n\nFor all Firecracker versions prior to v1.0.0, the emulated block device uses a\nsynchronous IO "
},
{
"path": "docs/api_requests/block-vhost-user.md",
"chars": 10327,
"preview": "# Vhost-user block device\n\n> [!WARNING]\n>\n> Support is currently in **developer preview**. See\n> [this section](../RELEA"
},
{
"path": "docs/api_requests/patch-block.md",
"chars": 5735,
"preview": "# Updating block devices after boot\n\n## Updating Virtio block devices after boot\n\nFirecracker offers support to update a"
},
{
"path": "docs/api_requests/patch-network-interface.md",
"chars": 2089,
"preview": "# Updating A Network Interface\n\nAfter the microVM is started, the rate limiters assigned to a network interface\ncan be u"
},
{
"path": "docs/ballooning.md",
"chars": 21370,
"preview": "# Using the balloon device with Firecracker\n\n## What is the balloon device\n\nA memory balloon device is a virtio device t"
},
{
"path": "docs/cpu_templates/boot-protocol.md",
"chars": 993,
"preview": "# Boot protocol register settings\n\nFirecracker makes certain modifications to the guest's registers regardless of\nwhethe"
},
{
"path": "docs/cpu_templates/cpu-template-helper.md",
"chars": 11239,
"preview": "# CPU template helper tool\n\nThe `cpu-template-helper` tool is a program designed to assist users with\ncreating and manag"
},
{
"path": "docs/cpu_templates/cpu-templates.md",
"chars": 10674,
"preview": "# CPU templates\n\nFirecracker allows users to customise how the vCPUs are represented to the guest\nsoftware by changing t"
},
{
"path": "docs/cpu_templates/cpuid-normalization.md",
"chars": 5085,
"preview": "# CPUID normalization (x86_64 only)\n\nOn x86_64, Firecracker makes certain modifications to the guest's CPUID\nregardless "
},
{
"path": "docs/cpu_templates/schema.json",
"chars": 5996,
"preview": "{\n \"$schema\": \"https://json-schema.org/draft/2020-12/schema\",\n \"$id\": \"https://github.com/firecracker-microvm/fire"
},
{
"path": "docs/design.md",
"chars": 9244,
"preview": "# Firecracker Design\n\n## Scope\n\n### What is Firecracker\n\nFirecracker is a new virtualization technology that enables cus"
},
{
"path": "docs/dev-machine-setup.md",
"chars": 8981,
"preview": "# Setting up a Development Environment for Firecracker\n\nFirecracker uses KVM for the actual resource virtualization, hen"
},
{
"path": "docs/device-api.md",
"chars": 20410,
"preview": "# Device\n\nThe Device-API following functionality matrix indicates which devices are\nrequired for an API call to be usabl"
},
{
"path": "docs/entropy.md",
"chars": 2313,
"preview": "# Using the Firecracker entropy device\n\n## What is the entropy device\n\nAn entropy device is a [`virtio-rng` device][1] t"
},
{
"path": "docs/formal-verification.md",
"chars": 9213,
"preview": "# Formal Verification in Firecracker\n\nAccording to Firecracker’s\n[threat model](https://github.com/firecracker-microvm/f"
},
{
"path": "docs/gdb-debugging.md",
"chars": 3770,
"preview": "# GDB Debugging with Firecracker\n\n**The GDB feature is not for production use.**\n\nFirecracker supports debugging the gue"
},
{
"path": "docs/getting-started.md",
"chars": 14424,
"preview": "# Getting Started with Firecracker\n\n**All resources are used for demonstration purposes and are not intended for\nproduct"
},
{
"path": "docs/hugepages.md",
"chars": 2966,
"preview": "# Backing Guest Memory by Huge Pages\n\nFirecracker supports backing the guest memory of a VM by 2MB hugetlbfs pages.\nThis"
},
{
"path": "docs/images/vsock-connections.drawio",
"chars": 153660,
"preview": "<mxfile host=\"drawio.corp.amazon.com\" modified=\"2020-04-10T07:43:56.895Z\" agent=\"Mozilla/5.0 (Macintosh; Intel Mac OS X "
},
{
"path": "docs/initrd.md",
"chars": 1585,
"preview": "# Creating and using an initrd for Firecracker\n\n## Creating\n\n### Based on alpine or suse\n\nYou can use the script found\n["
},
{
"path": "docs/jailer.md",
"chars": 16795,
"preview": "# The Firecracker Jailer\n\n## Disclaimer\n\nThe jailer is a program designed to isolate the Firecracker process in order to"
},
{
"path": "docs/kernel-policy.md",
"chars": 8866,
"preview": "# Firecracker's Kernel Support Policy\n\nFirecracker is tightly coupled with the guest and host kernels on which it is\nrun"
},
{
"path": "docs/logger.md",
"chars": 2354,
"preview": "# Firecracker logger Configuration\n\nFor the logging capability, Firecracker uses a single Logger object. The Logger\ncan "
},
{
"path": "docs/memory-hotplug.md",
"chars": 12483,
"preview": "# Memory Hotplugging with virtio-mem\n\n## What is virtio-mem\n\n`virtio-mem` is a para-virtualized memory device that enabl"
},
{
"path": "docs/metrics.md",
"chars": 9877,
"preview": "# Firecracker Metrics Configuration\n\nFor the metrics capability, Firecracker uses a single Metrics system. This\nsystem c"
},
{
"path": "docs/mmds/mmds-design.md",
"chars": 11118,
"preview": "# microVM Metadata Service\n\nMMDS consists of three major logical components: the backend, the data store,\nand the minima"
},
{
"path": "docs/mmds/mmds-user-guide.md",
"chars": 16204,
"preview": "# microVM Metadata Service\n\nThe Firecracker microVM Metadata Service (MMDS) is a mutable data store which\ncan be used fo"
},
{
"path": "docs/network-performance.md",
"chars": 2778,
"preview": "# Firecracker network performance numbers\n\nThis document provides details about Firecracker network performance. The\nnum"
},
{
"path": "docs/network-setup.md",
"chars": 15407,
"preview": "# Getting Started Firecracker Network Setup\n\nThis is a simple quick-start guide to getting one or more Firecracker micro"
},
{
"path": "docs/pmem.md",
"chars": 8361,
"preview": "# Using the Firecracker `virtio-pmem` device\n\n## What is a persistent memory device\n\nPersistent memory is a type of non-"
},
{
"path": "docs/prod-host-setup.md",
"chars": 20304,
"preview": "# Production Host Setup Recommendations\n\nFirecracker relies on KVM and on the processor virtualization features for\nwork"
},
{
"path": "docs/pvh.md",
"chars": 843,
"preview": "# PVH boot mode\n\nFirecracker supports booting x86 kernels in \"PVH direct boot\" mode\n[as specified by the Xen project](ht"
},
{
"path": "docs/rootfs-and-kernel-setup.md",
"chars": 6991,
"preview": "# Creating Custom rootfs and kernel Images\n\n## Creating a Linux kernel Image\n\n### Manual compilation\n\nCurrently, Firecra"
},
{
"path": "docs/seccomp.md",
"chars": 3742,
"preview": "# Seccomp in Firecracker\n\nSeccomp filters are used by default to limit the host system calls Firecracker\ncan use. The de"
},
{
"path": "docs/seccompiler.md",
"chars": 6369,
"preview": "# Seccompiler - overview and user guide\n\n## Overview\n\nSeccompiler-bin is a tool that compiles seccomp filters expressed "
},
{
"path": "docs/snapshotting/handling-page-faults-on-snapshot-resume.md",
"chars": 8211,
"preview": "# Handling snapshot memory loading\n\nFirecracker allows for a better management of the microVM's memory loading by\nlettin"
},
{
"path": "docs/snapshotting/network-for-clones.md",
"chars": 9159,
"preview": "# Network Connectivity for Clones\n\nThis document presents a strategy to ensure continued network connectivity for\nmultip"
},
{
"path": "docs/snapshotting/random-for-clones.md",
"chars": 14000,
"preview": "# Entropy for Clones\n\nThis document provides a high level perspective on the implications of restoring\nmultiple VM clone"
},
{
"path": "docs/snapshotting/snapshot-editor.md",
"chars": 2899,
"preview": "# Snapshot editor\n\nThe `snapshot-editor` is a program for modification of Firecracker snapshots.\n\n## Prior knowledge\n\nFi"
},
{
"path": "docs/snapshotting/snapshot-support.md",
"chars": 30875,
"preview": "# Firecracker Snapshotting\n\n## Table of Contents\n\n- [What is microVM snapshotting?](#about-microvm-snapshotting)\n- [Snap"
},
{
"path": "docs/snapshotting/versioning.md",
"chars": 6747,
"preview": "# Firecracker snapshot versioning\n\nThis document describes how Firecracker persists microVM state into Firecracker\nsnaps"
},
{
"path": "docs/tracing.md",
"chars": 18975,
"preview": "# Tracing\n\n## Introduction\n\nFirecracker implements a framework for instrumentation based tracing with the\naim to improve"
},
{
"path": "docs/vsock.md",
"chars": 7728,
"preview": "# Using the Firecracker Virtio-vsock Device\n\n## Table of Contents\n\n- [Prerequisites](#prerequisites)\n- [Firecracker Virt"
},
{
"path": "resources/chroot.sh",
"chars": 2628,
"preview": "#!/bin/bash\n# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifier: Apache-"
},
{
"path": "resources/guest_configs/DISCLAIMER.md",
"chars": 1078,
"preview": "### DISCLAIMER\n\nPlease keep this document in mind when using these guest kernel configuration\nfiles.\n\nFirecracker as a v"
},
{
"path": "resources/guest_configs/ci.config",
"chars": 354,
"preview": "CONFIG_IKCONFIG=y\nCONFIG_IKCONFIG_PROC=y\nCONFIG_MSDOS_PARTITION=y\nCONFIG_SQUASHFS_ZSTD=y\n# aarch64 only TBD split into a"
},
{
"path": "resources/guest_configs/debug.config",
"chars": 117,
"preview": "CONFIG_FRAME_POINTER=y\n# CONFIG_KGDB=y\n# CONFIG_KGDB_SERIAL_CONSOLE=y\nCONFIG_DEBUG_INFO=y\nCONFIG_DEBUG_INFO_DWARF4=y\n"
},
{
"path": "resources/guest_configs/ftrace.config",
"chars": 272,
"preview": "CONFIG_FTRACE=y\nCONFIG_FUNCTION_TRACER=y\nCONFIG_FUNCTION_GRAPH_TRACER=y\nCONFIG_IRQSOFF_TRACER=y\nCONFIG_PREEMPT_TRACER=y\n"
},
{
"path": "resources/guest_configs/microvm-kernel-ci-aarch64-5.10.config",
"chars": 79327,
"preview": "CONFIG_CC_VERSION_TEXT=\"gcc10-gcc (GCC) 10.5.0 20230707 (Red Hat 10.5.0-1)\"\nCONFIG_CC_IS_GCC=y\nCONFIG_GCC_VERSION=100500"
},
{
"path": "resources/guest_configs/microvm-kernel-ci-aarch64-6.1.config",
"chars": 86098,
"preview": "#\n# Automatically generated file; DO NOT EDIT.\n# Linux/arm64 6.1.102-1.182.amzn2023.aarch64 Kernel Configuration\n#\nCONFI"
},
{
"path": "resources/guest_configs/microvm-kernel-ci-x86_64-5.10-no-acpi.config",
"chars": 75064,
"preview": "#\n# Automatically generated file; DO NOT EDIT.\n# Linux/x86 5.10.219 Kernel Configuration\n#\nCONFIG_CC_VERSION_TEXT=\"gcc ("
},
{
"path": "resources/guest_configs/microvm-kernel-ci-x86_64-5.10.config",
"chars": 77593,
"preview": "CONFIG_CC_VERSION_TEXT=\"gcc10-gcc (GCC) 10.5.0 20230707 (Red Hat 10.5.0-1)\"\nCONFIG_CC_IS_GCC=y\nCONFIG_GCC_VERSION=100500"
},
{
"path": "resources/guest_configs/microvm-kernel-ci-x86_64-6.1.config",
"chars": 83570,
"preview": "#\n# Automatically generated file; DO NOT EDIT.\n# Linux/x86_64 6.1.102-1.182.amzn2023.x86_64 Kernel Configuration\n#\nCONFI"
},
{
"path": "resources/guest_configs/pcie.config",
"chars": 164,
"preview": "CONFIG_BLK_MQ_PCI=y\nCONFIG_PCI=y\nCONFIG_PCI_MMCONFIG=y\nCONFIG_PCI_MSI=y\nCONFIG_PCIEPORTBUS=y\nCONFIG_VIRTIO_PCI=y\nCONFIG_"
},
{
"path": "resources/guest_configs/virtio-mem.config",
"chars": 43,
"preview": "CONFIG_VIRTIO_MEM=y\nCONFIG_STRICT_DEVMEM=y\n"
},
{
"path": "resources/guest_configs/virtio-pmem.config",
"chars": 436,
"preview": "# Needed for DAX on aarch64. Will be ignored on x86_64\nCONFIG_ARM64_PMEM=y\n\nCONFIG_DEVICE_MIGRATION=y\nCONFIG_ZONE_DEVICE"
},
{
"path": "resources/guest_configs/vmclock.config",
"chars": 32,
"preview": "CONFIG_PTP_1588_CLOCK_VMCLOCK=y\n"
},
{
"path": "resources/overlay/etc/systemd/system/fcnet.service",
"chars": 132,
"preview": "[Service]\nType=oneshot\nExecStartPre=/usr/bin/udevadm settle\nExecStart=/usr/local/bin/fcnet-setup.sh\n[Install]\nWantedBy=s"
},
{
"path": "resources/overlay/etc/systemd/system/var-lib-systemd.mount",
"chars": 322,
"preview": "#\n# Mount /var/lib/systemd as a temporary filesystem\n#\n\n[Unit]\nDefaultDependencies=no\nConflicts=umount.target\nBefore=loc"
},
{
"path": "resources/overlay/usr/local/bin/devmemread.c",
"chars": 845,
"preview": "// Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n#incl"
},
{
"path": "resources/overlay/usr/local/bin/fast_page_fault_helper.c",
"chars": 2773,
"preview": "// Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n// He"
},
{
"path": "resources/overlay/usr/local/bin/fcnet-setup.sh",
"chars": 856,
"preview": "#!/usr/bin/env bash\n\n# Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifier"
},
{
"path": "resources/overlay/usr/local/bin/fillmem.c",
"chars": 1969,
"preview": "// Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n#defi"
},
{
"path": "resources/overlay/usr/local/bin/go_sdk_cred_provider.go/main.go",
"chars": 658,
"preview": "package main\n\nimport (\n\t\"context\"\n\t\"fmt\"\n\t\"log\"\n\n\t\"github.com/aws/aws-sdk-go-v2/aws\"\n\t\"github.com/aws/aws-sdk-go-v2/conf"
},
{
"path": "resources/overlay/usr/local/bin/go_sdk_cred_provider_with_custom_endpoint.go/main.go",
"chars": 3101,
"preview": "package main\n\nimport (\n\t\"context\"\n\t\"fmt\"\n\t\"io/ioutil\"\n\t\"log\"\n\t\"net/http\"\n\t\"net/http/httputil\"\n\t\"os\"\n\n\t\"github.com/aws/aw"
},
{
"path": "resources/overlay/usr/local/bin/init.c",
"chars": 1283,
"preview": "// Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n// In"
},
{
"path": "resources/overlay/usr/local/bin/readmem.c",
"chars": 2086,
"preview": "// Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n// Th"
},
{
"path": "resources/patches/vmclock/5.10/0001-ptp-vmclock-add-vm-generation-counter.patch",
"chars": 7867,
"preview": "From f2309165752b4af1fb2245fb434f4b0938aecd06 Mon Sep 17 00:00:00 2001\nFrom: Babis Chalios <bchalios@amazon.es>\nDate: We"
},
{
"path": "resources/patches/vmclock/5.10/0002-ptp-vmclock-support-device-notifications.patch",
"chars": 12534,
"preview": "From b1a7ba47d96753695d9101dde049bc0808f76167 Mon Sep 17 00:00:00 2001\nFrom: Babis Chalios <bchalios@amazon.es>\nDate: We"
},
{
"path": "resources/patches/vmclock/5.10/0003-dt-bindings-ptp-Add-amazon-vmclock.patch",
"chars": 2422,
"preview": "From daf492c70d7e7a2a09d76481fd7ecbc5e99fb58f Mon Sep 17 00:00:00 2001\nFrom: David Woodhouse <dwmw@amazon.co.uk>\nDate: W"
},
{
"path": "resources/patches/vmclock/5.10/0004-ptp-ptp_vmclock-Add-device-tree-support.patch",
"chars": 4405,
"preview": "From 30468d547a380aa6db4d9e2ba8ab735daeab0694 Mon Sep 17 00:00:00 2001\nFrom: David Woodhouse <dwmw@amazon.co.uk>\nDate: W"
},
{
"path": "resources/patches/vmclock/5.10/0005-ptp-ptp_vmclock-add-VMCLOCK-to-ACPI-device-match.patch",
"chars": 1149,
"preview": "From d291cf42344f2f48557e545648bc26eea9b1828f Mon Sep 17 00:00:00 2001\nFrom: David Woodhouse <dwmw@amazon.co.uk>\nDate: W"
},
{
"path": "resources/patches/vmclock/5.10/0006-ptp-ptp_vmclock-remove-dependency-on-CONFIG_ACPI.patch",
"chars": 3789,
"preview": "From 1cb36e019ef80058db243c7a02696e17429bd0b1 Mon Sep 17 00:00:00 2001\nFrom: David Woodhouse <dwmw@amazon.co.uk>\nDate: W"
},
{
"path": "resources/patches/vmclock/5.10/0007-ptp-ptp_vmclock-return-TAI-not-UTC.patch",
"chars": 1872,
"preview": "From 726b41d6531d0e77fc20f6d7ea4b3178ade41e80 Mon Sep 17 00:00:00 2001\nFrom: David Woodhouse <dwmw@amazon.co.uk>\nDate: W"
},
{
"path": "resources/patches/vmclock/6.1/0001-ptp-vmclock-add-vm-generation-counter.patch",
"chars": 7867,
"preview": "From f2309165752b4af1fb2245fb434f4b0938aecd06 Mon Sep 17 00:00:00 2001\nFrom: Babis Chalios <bchalios@amazon.es>\nDate: We"
},
{
"path": "resources/patches/vmclock/6.1/0002-ptp-vmclock-support-device-notifications.patch",
"chars": 12534,
"preview": "From b1a7ba47d96753695d9101dde049bc0808f76167 Mon Sep 17 00:00:00 2001\nFrom: Babis Chalios <bchalios@amazon.es>\nDate: We"
},
{
"path": "resources/patches/vmclock/6.1/0003-dt-bindings-ptp-Add-amazon-vmclock.patch",
"chars": 2422,
"preview": "From daf492c70d7e7a2a09d76481fd7ecbc5e99fb58f Mon Sep 17 00:00:00 2001\nFrom: David Woodhouse <dwmw@amazon.co.uk>\nDate: W"
},
{
"path": "resources/patches/vmclock/6.1/0004-ptp-ptp_vmclock-Add-device-tree-support.patch",
"chars": 4405,
"preview": "From 30468d547a380aa6db4d9e2ba8ab735daeab0694 Mon Sep 17 00:00:00 2001\nFrom: David Woodhouse <dwmw@amazon.co.uk>\nDate: W"
},
{
"path": "resources/patches/vmclock/6.1/0005-ptp-ptp_vmclock-add-VMCLOCK-to-ACPI-device-match.patch",
"chars": 1149,
"preview": "From d291cf42344f2f48557e545648bc26eea9b1828f Mon Sep 17 00:00:00 2001\nFrom: David Woodhouse <dwmw@amazon.co.uk>\nDate: W"
},
{
"path": "resources/patches/vmclock/6.1/0006-ptp-ptp_vmclock-remove-dependency-on-CONFIG_ACPI.patch",
"chars": 3789,
"preview": "From 1cb36e019ef80058db243c7a02696e17429bd0b1 Mon Sep 17 00:00:00 2001\nFrom: David Woodhouse <dwmw@amazon.co.uk>\nDate: W"
},
{
"path": "resources/patches/vmclock/6.1/0007-ptp-ptp_vmclock-return-TAI-not-UTC.patch",
"chars": 1872,
"preview": "From 726b41d6531d0e77fc20f6d7ea4b3178ade41e80 Mon Sep 17 00:00:00 2001\nFrom: David Woodhouse <dwmw@amazon.co.uk>\nDate: W"
},
{
"path": "resources/rebuild.sh",
"chars": 9949,
"preview": "#!/bin/bash\n# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifier: Apache-"
},
{
"path": "resources/seccomp/aarch64-unknown-linux-musl.json",
"chars": 37316,
"preview": "{\n \"vmm\": {\n \"default_action\": \"trap\",\n \"filter_action\": \"allow\",\n \"filter\": [\n {\n "
},
{
"path": "resources/seccomp/unimplemented.json",
"chars": 331,
"preview": "{\n \"vmm\": {\n \"default_action\": \"allow\",\n \"filter_action\": \"trap\",\n \"filter\": []\n },\n \"api\""
},
{
"path": "resources/seccomp/x86_64-unknown-linux-musl.json",
"chars": 41326,
"preview": "{\n \"vmm\": {\n \"default_action\": \"trap\",\n \"filter_action\": \"allow\",\n \"filter\": [\n {\n "
},
{
"path": "rust-toolchain.toml",
"chars": 858,
"preview": "# Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n# SPDX-License-Identifier: Apache-2.0\n\n# We ke"
},
{
"path": "rustfmt.toml",
"chars": 222,
"preview": "comment_width = 100\nwrap_comments = true\nformat_code_in_doc_comments = true\nformat_strings = true\nimports_granularity = "
},
{
"path": "src/acpi-tables/Cargo.toml",
"chars": 542,
"preview": "[package]\nname = \"acpi_tables\"\nversion = \"0.1.0\"\nauthors = [\n \"The Cloud Hypervisor Authors\",\n \"Amazon Firecracker"
},
{
"path": "src/acpi-tables/src/aml.rs",
"chars": 59363,
"preview": "// Copyright © 2019 Intel Corporation\n// Copyright © 2023 Rivos, Inc.\n// Copyright 2024 Amazon.com, Inc. or its affiliat"
},
{
"path": "src/acpi-tables/src/dsdt.rs",
"chars": 1842,
"preview": "// Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/acpi-tables/src/fadt.rs",
"chars": 5258,
"preview": "// Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// Copyright 2023 Rivos, Inc.\n//\n// SPDX-Lice"
},
{
"path": "src/acpi-tables/src/lib.rs",
"chars": 3945,
"preview": "// Copyright © 2019 Intel Corporation\n// Copyright 2023 Rivos, Inc.\n// Copyright 2024 Amazon.com, Inc. or its affiliates"
},
{
"path": "src/acpi-tables/src/madt.rs",
"chars": 4128,
"preview": "// Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// Copyright 2023 Rivos, Inc.\n//\n// SPDX-Lice"
},
{
"path": "src/acpi-tables/src/mcfg.rs",
"chars": 1816,
"preview": "// Copyright © 2019 Intel Corporation\n// Copyright © 2023 Rivos, Inc.\n// Copyright 2024 Amazon.com, Inc. or its affiliat"
},
{
"path": "src/acpi-tables/src/rsdp.rs",
"chars": 2187,
"preview": "// Copyright © 2019 Intel Corporation\n// Copyright © 2023 Rivos, Inc.\n// Copyright 2024 Amazon.com, Inc. or its affiliat"
},
{
"path": "src/acpi-tables/src/xsdt.rs",
"chars": 2057,
"preview": "// Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// Copyright 2023 Rivos, Inc.\n//\n// SPDX-Lice"
},
{
"path": "src/clippy-tracing/Cargo.toml",
"chars": 598,
"preview": "[package]\nname = \"clippy-tracing\"\nversion = \"0.1.0\"\nauthors = [\"Amazon Firecracker team <firecracker-devel@amazon.com>\"]"
},
{
"path": "src/clippy-tracing/README.md",
"chars": 1541,
"preview": "# clippy-tracing\n\nA tool to add, remove and check for `log_instrument::instrument` in large\nprojects where it is infeasi"
},
{
"path": "src/clippy-tracing/src/main.rs",
"chars": 15066,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n//! A"
},
{
"path": "src/clippy-tracing/tests/integration_tests.rs",
"chars": 13432,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n// Al"
},
{
"path": "src/cpu-template-helper/Cargo.toml",
"chars": 636,
"preview": "[package]\nname = \"cpu-template-helper\"\nversion = \"1.16.0-dev\"\nauthors = [\"Amazon Firecracker team <firecracker-devel@ama"
},
{
"path": "src/cpu-template-helper/build.rs",
"chars": 2442,
"preview": "// Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/cpu-template-helper/src/fingerprint/compare.rs",
"chars": 5338,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/cpu-template-helper/src/fingerprint/dump.rs",
"chars": 3132,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/cpu-template-helper/src/fingerprint/mod.rs",
"chars": 1573,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/cpu-template-helper/src/main.rs",
"chars": 12667,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/cpu-template-helper/src/template/dump/aarch64.rs",
"chars": 4399,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/cpu-template-helper/src/template/dump/mod.rs",
"chars": 1155,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n#[cfg"
},
{
"path": "src/cpu-template-helper/src/template/dump/x86_64.rs",
"chars": 8927,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/cpu-template-helper/src/template/mod.rs",
"chars": 160,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\npub m"
},
{
"path": "src/cpu-template-helper/src/template/strip/aarch64.rs",
"chars": 3459,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/cpu-template-helper/src/template/strip/mod.rs",
"chars": 6004,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/cpu-template-helper/src/template/strip/x86_64.rs",
"chars": 8365,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/cpu-template-helper/src/template/verify/aarch64.rs",
"chars": 2593,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/cpu-template-helper/src/template/verify/mod.rs",
"chars": 3657,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/cpu-template-helper/src/template/verify/x86_64.rs",
"chars": 8059,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/cpu-template-helper/src/utils/aarch64.rs",
"chars": 3494,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/cpu-template-helper/src/utils/mock_kernel/main.c",
"chars": 153,
"preview": "// Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nvoid "
},
{
"path": "src/cpu-template-helper/src/utils/mod.rs",
"chars": 8414,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/cpu-template-helper/src/utils/x86_64.rs",
"chars": 9844,
"preview": "// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/firecracker/Cargo.toml",
"chars": 2090,
"preview": "[package]\nname = \"firecracker\"\nversion = \"1.16.0-dev\"\nauthors = [\"Amazon Firecracker team <firecracker-devel@amazon.com>"
},
{
"path": "src/firecracker/build.rs",
"chars": 2566,
"preview": "// Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/firecracker/examples/README.md",
"chars": 137,
"preview": "## Test Utilities\n\nThe `examples` directory contains various small rust utilities that are used in\nfirecracker's integra"
},
{
"path": "src/firecracker/examples/seccomp/harmless.rs",
"chars": 442,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nfn mai"
},
{
"path": "src/firecracker/examples/seccomp/jailer.rs",
"chars": 746,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nuse st"
},
{
"path": "src/firecracker/examples/seccomp/malicious.rs",
"chars": 480,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nfn mai"
},
{
"path": "src/firecracker/examples/seccomp/panic.rs",
"chars": 534,
"preview": "// Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nuse st"
},
{
"path": "src/firecracker/examples/uffd/fault_all_handler.rs",
"chars": 1806,
"preview": "// Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n//! P"
},
{
"path": "src/firecracker/examples/uffd/malicious_handler.rs",
"chars": 1295,
"preview": "// Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n//! P"
},
{
"path": "src/firecracker/examples/uffd/on_demand_handler.rs",
"chars": 5410,
"preview": "// Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n//! P"
},
{
"path": "src/firecracker/examples/uffd/uffd_utils.rs",
"chars": 15329,
"preview": "// Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n#![al"
},
{
"path": "src/firecracker/src/api_server/mod.rs",
"chars": 19568,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\n//! I"
},
{
"path": "src/firecracker/src/api_server/parsed_request.rs",
"chars": 44625,
"preview": "// Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/firecracker/src/api_server/request/actions.rs",
"chars": 3318,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse s"
},
{
"path": "src/firecracker/src/api_server/request/balloon.rs",
"chars": 9704,
"preview": "// Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse m"
},
{
"path": "src/firecracker/src/api_server/request/boot_source.rs",
"chars": 1460,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/firecracker/src/api_server/request/cpu_configuration.rs",
"chars": 3300,
"preview": "// Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/firecracker/src/api_server/request/drive.rs",
"chars": 8051,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/firecracker/src/api_server/request/entropy.rs",
"chars": 965,
"preview": "// Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/firecracker/src/api_server/request/hotplug/memory.rs",
"chars": 4070,
"preview": "// Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse m"
},
{
"path": "src/firecracker/src/api_server/request/hotplug/mod.rs",
"chars": 131,
"preview": "// Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\npub m"
},
{
"path": "src/firecracker/src/api_server/request/instance_info.rs",
"chars": 837,
"preview": "// Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/firecracker/src/api_server/request/logger.rs",
"chars": 2401,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/firecracker/src/api_server/request/machine_configuration.rs",
"chars": 11620,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/firecracker/src/api_server/request/metrics.rs",
"chars": 1390,
"preview": "// Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/firecracker/src/api_server/request/mmds.rs",
"chars": 5787,
"preview": "// Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse m"
},
{
"path": "src/firecracker/src/api_server/request/mod.rs",
"chars": 488,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\npub m"
},
{
"path": "src/firecracker/src/api_server/request/net.rs",
"chars": 5132,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
},
{
"path": "src/firecracker/src/api_server/request/pmem.rs",
"chars": 2327,
"preview": "// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\n\nuse v"
}
]
// ... and 555 more files (download for full content)
About this extraction
This page contains the full source code of the firecracker-microvm/firecracker GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 755 files (7.2 MB), approximately 1.9M tokens, and a symbol index with 8882 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.