xref: /openbsd-src/usr.sbin/vmd/vmd.h (revision f1dd7b858388b4a23f4f67a4957ec5ff656ebbe8) 
1 /*	$OpenBSD: vmd.h,v 1.105 2021/04/11 14:12:42 dv Exp $	*/
2 
3 /*
4  * Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
5  *
6  * Permission to use, copy, modify, and distribute this software for any
7  * purpose with or without fee is hereby granted, provided that the above
8  * copyright notice and this permission notice appear in all copies.
9  *
10  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17  */
18 
19 #include <sys/types.h>
20 #include <sys/queue.h>
21 #include <sys/socket.h>
22 
23 #include <machine/vmmvar.h>
24 
25 #include <net/if.h>
26 #include <netinet/in.h>
27 #include <netinet/if_ether.h>
28 #include <netinet6/in6_var.h>
29 
30 #include <limits.h>
31 #include <stdio.h>
32 #include <pthread.h>
33 
34 #include "proc.h"
35 
36 #ifndef VMD_H
37 #define VMD_H
38 
39 #define SET(_v, _m)		((_v) |= (_m))
40 #define CLR(_v, _m)		((_v) &= ~(_m))
41 #define ISSET(_v, _m)		((_v) & (_m))
42 #define NELEM(a) (sizeof(a) / sizeof((a)[0]))
43 
44 #define VMD_USER		"_vmd"
45 #define VMD_CONF		"/etc/vm.conf"
46 #define SOCKET_NAME		"/var/run/vmd.sock"
47 #define VMM_NODE		"/dev/vmm"
48 #define VM_DEFAULT_BIOS		"/etc/firmware/vmm-bios"
49 #define VM_DEFAULT_KERNEL	"/bsd"
50 #define VM_DEFAULT_DEVICE	"hd0a"
51 #define VM_BOOT_CONF		"/etc/boot.conf"
52 #define VM_NAME_MAX		64
53 #define VM_MAX_BASE_PER_DISK	4
54 #define VM_TTYNAME_MAX		16
55 #define MAX_TAP			256
56 #define NR_BACKLOG		5
57 #define VMD_SWITCH_TYPE		"bridge"
58 #define VM_DEFAULT_MEMORY	512
59 
60 #define VMD_DEFAULT_STAGGERED_START_DELAY 30
61 
62 /* Rate-limit fast reboots */
63 #define VM_START_RATE_SEC	6	/* min. seconds since last reboot */
64 #define VM_START_RATE_LIMIT	3	/* max. number of fast reboots */
65 
66 /* default user instance limits */
67 #define VM_DEFAULT_USER_MAXCPU	4
68 #define VM_DEFAULT_USER_MAXMEM	2048
69 #define VM_DEFAULT_USER_MAXIFS	8
70 
71 /* vmd -> vmctl error codes */
72 #define VMD_BIOS_MISSING	1001
73 #define VMD_DISK_MISSING	1002
74 					/* 1003 is obsolete VMD_DISK_INVALID */
75 #define VMD_VM_STOP_INVALID	1004
76 #define VMD_CDROM_MISSING	1005
77 #define VMD_CDROM_INVALID	1006
78 #define VMD_PARENT_INVALID	1007
79 
80 /* Image file signatures */
81 #define VM_MAGIC_QCOW		"QFI\xfb"
82 
83 /* 100.64.0.0/10 from rfc6598 (IPv4 Prefix for Shared Address Space) */
84 #define VMD_DHCP_PREFIX		"100.64.0.0/10"
85 
86 /* Unique local address for IPv6 */
87 #define VMD_ULA_PREFIX		"fd00::/8"
88 
89 enum imsg_type {
90 	IMSG_VMDOP_START_VM_REQUEST = IMSG_PROC_MAX,
91 	IMSG_VMDOP_START_VM_CDROM,
92 	IMSG_VMDOP_START_VM_DISK,
93 	IMSG_VMDOP_START_VM_IF,
94 	IMSG_VMDOP_START_VM_END,
95 	IMSG_VMDOP_START_VM_RESPONSE,
96 	IMSG_VMDOP_PAUSE_VM,
97 	IMSG_VMDOP_PAUSE_VM_RESPONSE,
98 	IMSG_VMDOP_UNPAUSE_VM,
99 	IMSG_VMDOP_UNPAUSE_VM_RESPONSE,
100 	IMSG_VMDOP_SEND_VM_REQUEST,
101 	IMSG_VMDOP_SEND_VM_RESPONSE,
102 	IMSG_VMDOP_RECEIVE_VM_REQUEST,
103 	IMSG_VMDOP_RECEIVE_VM_RESPONSE,
104 	IMSG_VMDOP_RECEIVE_VM_END,
105 	IMSG_VMDOP_WAIT_VM_REQUEST,
106 	IMSG_VMDOP_TERMINATE_VM_REQUEST,
107 	IMSG_VMDOP_TERMINATE_VM_RESPONSE,
108 	IMSG_VMDOP_TERMINATE_VM_EVENT,
109 	IMSG_VMDOP_GET_INFO_VM_REQUEST,
110 	IMSG_VMDOP_GET_INFO_VM_DATA,
111 	IMSG_VMDOP_GET_INFO_VM_END_DATA,
112 	IMSG_VMDOP_LOAD,
113 	IMSG_VMDOP_RELOAD,
114 	IMSG_VMDOP_PRIV_IFDESCR,
115 	IMSG_VMDOP_PRIV_IFADD,
116 	IMSG_VMDOP_PRIV_IFEXISTS,
117 	IMSG_VMDOP_PRIV_IFUP,
118 	IMSG_VMDOP_PRIV_IFDOWN,
119 	IMSG_VMDOP_PRIV_IFGROUP,
120 	IMSG_VMDOP_PRIV_IFADDR,
121 	IMSG_VMDOP_PRIV_IFADDR6,
122 	IMSG_VMDOP_PRIV_IFRDOMAIN,
123 	IMSG_VMDOP_PRIV_GET_ADDR,
124 	IMSG_VMDOP_PRIV_GET_ADDR_RESPONSE,
125 	IMSG_VMDOP_VM_SHUTDOWN,
126 	IMSG_VMDOP_VM_REBOOT,
127 	IMSG_VMDOP_CONFIG,
128 	IMSG_VMDOP_DONE
129 };
130 
131 struct vmop_result {
132 	int			 vmr_result;
133 	uint32_t		 vmr_id;
134 	pid_t			 vmr_pid;
135 	char			 vmr_ttyname[VM_TTYNAME_MAX];
136 };
137 
138 struct vmop_info_result {
139 	struct vm_info_result	 vir_info;
140 	char			 vir_ttyname[VM_TTYNAME_MAX];
141 	uid_t			 vir_uid;
142 	int64_t			 vir_gid;
143 	unsigned int		 vir_state;
144 };
145 
146 struct vmop_id {
147 	uint32_t		 vid_id;
148 	char			 vid_name[VMM_MAX_NAME_LEN];
149 	uid_t			 vid_uid;
150 	unsigned int		 vid_flags;
151 #define VMOP_FORCE		0x01
152 #define VMOP_WAIT		0x02
153 };
154 
155 struct vmop_ifreq {
156 	uint32_t			 vfr_id;
157 	char				 vfr_name[IF_NAMESIZE];
158 	char				 vfr_value[VM_NAME_MAX];
159 	struct sockaddr_storage		 vfr_addr;
160 	struct sockaddr_storage		 vfr_mask;
161 };
162 
163 struct vmop_addr_req {
164 	uint32_t		 var_vmid;
165 	unsigned int		 var_nic_idx;
166 };
167 
168 struct vmop_addr_result {
169 	uint32_t		 var_vmid;
170 	unsigned int		 var_nic_idx;
171 	uint8_t			 var_addr[ETHER_ADDR_LEN];
172 };
173 
174 struct vmop_owner {
175 	uid_t			 uid;
176 	int64_t			 gid;
177 };
178 
179 struct vmop_create_params {
180 	struct vm_create_params	 vmc_params;
181 	unsigned int		 vmc_flags;
182 #define VMOP_CREATE_CPU		0x01
183 #define VMOP_CREATE_KERNEL	0x02
184 #define VMOP_CREATE_MEMORY	0x04
185 #define VMOP_CREATE_NETWORK	0x08
186 #define VMOP_CREATE_DISK	0x10
187 #define VMOP_CREATE_CDROM	0x20
188 #define VMOP_CREATE_INSTANCE	0x40
189 
190 	/* same flags; check for access to these resources */
191 	unsigned int		 vmc_checkaccess;
192 
193 	/* userland-only part of the create params */
194 	unsigned int		 vmc_bootdevice;
195 #define VMBOOTDEV_AUTO		0
196 #define VMBOOTDEV_DISK		1
197 #define VMBOOTDEV_CDROM		2
198 #define VMBOOTDEV_NET		3
199 	unsigned int		 vmc_ifflags[VMM_MAX_NICS_PER_VM];
200 #define VMIFF_UP		0x01
201 #define VMIFF_LOCKED		0x02
202 #define VMIFF_LOCAL		0x04
203 #define VMIFF_RDOMAIN		0x08
204 #define VMIFF_OPTMASK		(VMIFF_LOCKED|VMIFF_LOCAL|VMIFF_RDOMAIN)
205 
206 	unsigned int		 vmc_disktypes[VMM_MAX_DISKS_PER_VM];
207 	unsigned int		 vmc_diskbases[VMM_MAX_DISKS_PER_VM];
208 #define VMDF_RAW		0x01
209 #define VMDF_QCOW2		0x02
210 
211 	char			 vmc_ifnames[VMM_MAX_NICS_PER_VM][IF_NAMESIZE];
212 	char			 vmc_ifswitch[VMM_MAX_NICS_PER_VM][VM_NAME_MAX];
213 	char			 vmc_ifgroup[VMM_MAX_NICS_PER_VM][IF_NAMESIZE];
214 	unsigned int		 vmc_ifrdomain[VMM_MAX_NICS_PER_VM];
215 	struct vmop_owner	 vmc_owner;
216 
217 	/* instance template params */
218 	char			 vmc_instance[VMM_MAX_NAME_LEN];
219 	struct vmop_owner	 vmc_insowner;
220 	unsigned int		 vmc_insflags;
221 };
222 
223 struct vm_dump_header_cpuid {
224 	unsigned long code, leaf;
225 	unsigned int a, b, c, d;
226 };
227 
228 #define VM_DUMP_HEADER_CPUID_COUNT	5
229 
230 struct vm_dump_header {
231 	uint8_t			 vmh_signature[12];
232 #define VM_DUMP_SIGNATURE	 VMM_HV_SIGNATURE
233 	uint8_t			 vmh_pad[3];
234 	uint8_t			 vmh_version;
235 #define VM_DUMP_VERSION		 7
236 	struct			 vm_dump_header_cpuid
237 	    vmh_cpuids[VM_DUMP_HEADER_CPUID_COUNT];
238 } __packed;
239 
240 struct vmboot_params {
241 	off_t			 vbp_partoff;
242 	char			 vbp_device[PATH_MAX];
243 	char			 vbp_image[PATH_MAX];
244 	unsigned int		 vbp_type;
245 	void			*vbp_arg;
246 	char			*vbp_buf;
247 };
248 
249 struct vmd_if {
250 	char			*vif_name;
251 	char			*vif_switch;
252 	char			*vif_group;
253 	int			 vif_fd;
254 	unsigned int		 vif_rdomain;
255 	unsigned int		 vif_flags;
256 	TAILQ_ENTRY(vmd_if)	 vif_entry;
257 };
258 
259 struct vmd_switch {
260 	uint32_t		 sw_id;
261 	char			*sw_name;
262 	char			 sw_ifname[IF_NAMESIZE];
263 	char			*sw_group;
264 	unsigned int		 sw_rdomain;
265 	unsigned int		 sw_flags;
266 	int			 sw_running;
267 	TAILQ_ENTRY(vmd_switch)	 sw_entry;
268 };
269 TAILQ_HEAD(switchlist, vmd_switch);
270 
271 struct vmd_vm {
272 	struct vmop_create_params vm_params;
273 	pid_t			 vm_pid;
274 	uint32_t		 vm_vmid;
275 	int			 vm_kernel;
276 	int			 vm_cdrom;
277 	int			 vm_disks[VMM_MAX_DISKS_PER_VM][VM_MAX_BASE_PER_DISK];
278 	struct vmd_if		 vm_ifs[VMM_MAX_NICS_PER_VM];
279 	char			*vm_ttyname;
280 	int			 vm_tty;
281 	uint32_t		 vm_peerid;
282 	/* When set, VM was defined in a config file */
283 	int			 vm_from_config;
284 	struct imsgev		 vm_iev;
285 	uid_t			 vm_uid;
286 	int			 vm_receive_fd;
287 	struct vmd_user		*vm_user;
288 	unsigned int		 vm_state;
289 /* When set, VM is running now (PROC_PARENT only) */
290 #define VM_STATE_RUNNING	0x01
291 /* When set, VM is not started by default (PROC_PARENT only) */
292 #define VM_STATE_DISABLED	0x02
293 /* When set, VM is marked to be shut down */
294 #define VM_STATE_SHUTDOWN	0x04
295 #define VM_STATE_RECEIVED	0x08
296 #define VM_STATE_PAUSED		0x10
297 #define VM_STATE_WAITING	0x20
298 
299 	/* For rate-limiting */
300 	struct timeval		 vm_start_tv;
301 	int			 vm_start_limit;
302 
303 	TAILQ_ENTRY(vmd_vm)	 vm_entry;
304 };
305 TAILQ_HEAD(vmlist, vmd_vm);
306 
307 struct vmd_user {
308 	struct vmop_owner	 usr_id;
309 	uint64_t		 usr_maxcpu;
310 	uint64_t		 usr_maxmem;
311 	uint64_t		 usr_maxifs;
312 	int			 usr_refcnt;
313 
314 	TAILQ_ENTRY(vmd_user)	 usr_entry;
315 };
316 TAILQ_HEAD(userlist, vmd_user);
317 
318 struct name2id {
319 	char			name[VMM_MAX_NAME_LEN];
320 	int			uid;
321 	int32_t			id;
322 	TAILQ_ENTRY(name2id)	entry;
323 };
324 TAILQ_HEAD(name2idlist, name2id);
325 
326 struct address {
327 	struct sockaddr_storage	 ss;
328 	int			 prefixlen;
329 	TAILQ_ENTRY(address)	 entry;
330 };
331 TAILQ_HEAD(addresslist, address);
332 
333 struct vmd_config {
334 	unsigned int		 cfg_flags;
335 #define VMD_CFG_INET6		0x01
336 #define VMD_CFG_AUTOINET6	0x02
337 #define VMD_CFG_STAGGERED_START	0x04
338 
339 	struct timeval		 delay;
340 	int			 parallelism;
341 	struct address		 cfg_localprefix;
342 	struct address		 cfg_localprefix6;
343 };
344 
345 struct vmd {
346 	struct privsep		 vmd_ps;
347 	const char		*vmd_conffile;
348 
349 	/* global configuration that is sent to the children */
350 	struct vmd_config	 vmd_cfg;
351 
352 	int			 vmd_debug;
353 	int			 vmd_verbose;
354 	int			 vmd_noaction;
355 
356 	uint32_t		 vmd_nvm;
357 	struct vmlist		*vmd_vms;
358 	struct name2idlist	*vmd_known;
359 	uint32_t		 vmd_nswitches;
360 	struct switchlist	*vmd_switches;
361 	struct userlist		*vmd_users;
362 
363 	int			 vmd_fd;
364 	int			 vmd_fd6;
365 	int			 vmd_ptmfd;
366 };
367 
368 struct vm_dev_pipe {
369 	int			 read;
370 	int			 write;
371 	struct event		 read_ev;
372 };
373 
374 enum pipe_msg_type {
375 	I8253_RESET_CHAN_0 = 0,
376 	I8253_RESET_CHAN_1 = 1,
377 	I8253_RESET_CHAN_2 = 2,
378 	NS8250_ZERO_READ,
379 	NS8250_RATELIMIT,
380 	MC146818_RESCHEDULE_PER
381 };
382 
383 static inline struct sockaddr_in *
384 ss2sin(struct sockaddr_storage *ss)
385 {
386 	return ((struct sockaddr_in *)ss);
387 }
388 
389 static inline struct sockaddr_in6 *
390 ss2sin6(struct sockaddr_storage *ss)
391 {
392 	return ((struct sockaddr_in6 *)ss);
393 }
394 
395 struct packet_ctx {
396 	uint8_t			 pc_htype;
397 	uint8_t			 pc_hlen;
398 	uint8_t			 pc_smac[ETHER_ADDR_LEN];
399 	uint8_t			 pc_dmac[ETHER_ADDR_LEN];
400 
401 	struct sockaddr_storage	 pc_src;
402 	struct sockaddr_storage	 pc_dst;
403 };
404 
405 /* packet.c */
406 ssize_t	 assemble_hw_header(unsigned char *, size_t, size_t,
407 	    struct packet_ctx *, unsigned int);
408 ssize_t	 assemble_udp_ip_header(unsigned char *, size_t, size_t,
409 	    struct packet_ctx *pc, unsigned char *, size_t);
410 ssize_t	 decode_hw_header(unsigned char *, size_t, size_t, struct packet_ctx *,
411 	    unsigned int);
412 ssize_t	 decode_udp_ip_header(unsigned char *, size_t, size_t,
413 	    struct packet_ctx *);
414 
415 /* vmd.c */
416 int	 vmd_reload(unsigned int, const char *);
417 struct vmd_vm *vm_getbyid(uint32_t);
418 struct vmd_vm *vm_getbyvmid(uint32_t);
419 uint32_t vm_id2vmid(uint32_t, struct vmd_vm *);
420 uint32_t vm_vmid2id(uint32_t, struct vmd_vm *);
421 struct vmd_vm *vm_getbyname(const char *);
422 struct vmd_vm *vm_getbypid(pid_t);
423 void	 vm_stop(struct vmd_vm *, int, const char *);
424 void	 vm_remove(struct vmd_vm *, const char *);
425 int	 vm_register(struct privsep *, struct vmop_create_params *,
426 	    struct vmd_vm **, uint32_t, uid_t);
427 int	 vm_checkperm(struct vmd_vm *, struct vmop_owner *, uid_t);
428 int	 vm_checkaccess(int, unsigned int, uid_t, int);
429 int	 vm_opentty(struct vmd_vm *);
430 void	 vm_closetty(struct vmd_vm *);
431 void	 switch_remove(struct vmd_switch *);
432 struct vmd_switch *switch_getbyname(const char *);
433 struct vmd_user *user_get(uid_t);
434 void	 user_put(struct vmd_user *);
435 void	 user_inc(struct vm_create_params *, struct vmd_user *, int);
436 int	 user_checklimit(struct vmd_user *, struct vm_create_params *);
437 char	*get_string(uint8_t *, size_t);
438 uint32_t prefixlen2mask(uint8_t);
439 void	 prefixlen2mask6(u_int8_t, struct in6_addr *);
440 void	 getmonotime(struct timeval *);
441 
442 /* priv.c */
443 void	 priv(struct privsep *, struct privsep_proc *);
444 int	 priv_getiftype(char *, char *, unsigned int *);
445 int	 priv_findname(const char *, const char **);
446 int	 priv_validgroup(const char *);
447 int	 vm_priv_ifconfig(struct privsep *, struct vmd_vm *);
448 int	 vm_priv_brconfig(struct privsep *, struct vmd_switch *);
449 uint32_t vm_priv_addr(struct vmd_config *, uint32_t, int, int);
450 int	 vm_priv_addr6(struct vmd_config *, uint32_t, int, int,
451 	    struct in6_addr *);
452 
453 /* vmm.c */
454 struct iovec;
455 
456 void	 vmm(struct privsep *, struct privsep_proc *);
457 void	 vmm_shutdown(void);
458 void	*vaddr_mem(paddr_t, size_t);
459 int	 write_mem(paddr_t, const void *buf, size_t);
460 int	 read_mem(paddr_t, void *buf, size_t);
461 int	 iovec_mem(paddr_t, size_t, struct iovec *, int);
462 int	 opentap(char *);
463 int	 fd_hasdata(int);
464 void	 mutex_lock(pthread_mutex_t *);
465 void	 mutex_unlock(pthread_mutex_t *);
466 int	 vmm_pipe(struct vmd_vm *, int, void (*)(int, short, void *));
467 
468 /* vm.c */
469 int	 start_vm(struct vmd_vm *, int);
470 __dead void vm_shutdown(unsigned int);
471 void	 vm_pipe_init(struct vm_dev_pipe *, void (*)(int, short, void *));
472 void	 vm_pipe_send(struct vm_dev_pipe *, enum pipe_msg_type);
473 enum pipe_msg_type vm_pipe_recv(struct vm_dev_pipe *);
474 
475 /* config.c */
476 int	 config_init(struct vmd *);
477 void	 config_purge(struct vmd *, unsigned int);
478 int	 config_setconfig(struct vmd *);
479 int	 config_getconfig(struct vmd *, struct imsg *);
480 int	 config_setreset(struct vmd *, unsigned int);
481 int	 config_getreset(struct vmd *, struct imsg *);
482 int	 config_setvm(struct privsep *, struct vmd_vm *, uint32_t, uid_t);
483 int	 config_getvm(struct privsep *, struct imsg *);
484 int	 config_getdisk(struct privsep *, struct imsg *);
485 int	 config_getif(struct privsep *, struct imsg *);
486 int	 config_getcdrom(struct privsep *, struct imsg *);
487 
488 /* parse.y */
489 int	 parse_config(const char *);
490 int	 cmdline_symset(char *);
491 int	 host(const char *, struct address *);
492 
493 /* virtio.c */
494 int	 virtio_get_base(int, char *, size_t, int, const char *);
495 
496 #endif /* VMD_H */
497