Add support for PVH direct boot API

[cperciva]

Changes

This updates patches submitted two years ago (#1818). Some of that work ended up in linux-loader; much of the rest needed to be refactored to adjust for changes in the tree.

As this is my first significant contribution to Firecracker (and my first time using Rust!) this PR probably requires more careful review than most. Also, I haven't updated any documentation or added integration tests; I'm guessing it would be good to have a "does FreeBSD boot" test? Happy to do more work here but I'll need someone to lead me through the process.

Reason

Supporting PVH boot makes it possible for FreeBSD to boot in Firecracker. (cf. #3041).

License Acceptance

By submitting this pull request, I confirm that my contribution is made under
the terms of the Apache 2.0 license.

The original author of the patches (now credited as co-authored-by) provided the same confirmation in his original PR.

PR Checklist

• All commits in this PR are signed (git commit -s).
• If a specific issue led to this PR, this PR closes the issue.
• The description of changes is clear and encompassing.
• Any required documentation changes (code and docs) are included in this PR.
• [N/A] New unsafe code is documented.
• [N/A] API changes follow the Runbook for Firecracker API changes.
• User-facing changes are mentioned in CHANGELOG.md.
• All added/changed functionality is tested.

---

• This functionality can be added in rust-vmm.

[cperciva]

When I ran devtool test I had a few failures, most of which seemed like problems in the test framework. Two issues which I wasn't sure what to do about:

Non 'Co-authored-by:' string found after 1st 'Co-authored-by:'

I made sure the Co-authored-by was the last thing in each commit message so I'm guessing there's a gitlint bug here?

AssertionError: Files ['../src/arch/src/x86_64/gdt.rs', '../src/arch/src/x86_64/mod.rs', '../src/arch/src/x86_64/regs.rs'] have invalid licenses

These files gained Oracle copyrights which I'm guessing the test is objecting to?

[cperciva]

One user-facing change which I wasn't sure about: With this code, if a kernel specifies a PVH entry point, Firecracker will use it. If a kernel has both regular and PVH entry points, we could theoretically see a change in behaviour.

My inclination is to say that this is the right thing to do, but if the Firecracker core team prefers I'm totally fine with it being an option (probably specified at the same time as the kernel is specified, via API or JSON). I'd have to dig into the code more to figure out how to do this, though.

[cperciva]

Updated patch removed a few vestigal lines from the original work two years ago.

[cperciva]

Rebased on latest main in order to pick up the gitlint fix.

[cperciva]

Rebased to latest main; minor tweaks needed to keep clippy happy.

[cperciva]

Rebased on the latest main.

[cperciva]

Fixed a couple more style nits and added a commit to allow the Oracle copyright.

[theoparis]

Any updates on this? There seems to be conflicts now 😕

[cperciva]

Any updates on this? There seems to be conflicts now

Sorry, I've been busy with FreeBSD release engineering -- I promise I'll get back to this so it can get merged!

[roypat]

Hey Colin, thanks for being so patient with us. As talked about on Slack, I've pointed this PR towards a feature branch so that we can get this PR merged without having to wait for the ci artifacts work to complete. That way you won't have to continuously rebase this PR. I'll be adding all required testing (freebsd boot test using artifacts build using your instructions, a test booting linux with pvh and a performance test to for booting linux with pvh) to the feature branch later once that work is unblocked, and if all goes well we might be able to land this for the next firecracker release 🥳

[bchalios]

This looks great! I just had some style-related comments. I want to go through the boot protocol again a bit more closely, but I couldn't find a proper resource describing the ABI.
For example, I couldn't find (easily) info about the GDT setup you're doing and the memory layout. (If you have other links, it would be useful).

[cperciva]

Patches updated and rebased on the latest main.

[codecov]

Codecov Report

Patch coverage: 86.72% and project coverage change: -0.01% ⚠️

Comparison is base (1a2c6ad) 82.65% compared to head (a6639ad) 82.65%.

Additional details and impacted files

@@               Coverage Diff               @@
##           feature/pvh    #3155      +/-   ##
===============================================
- Coverage        82.65%   82.65%   -0.01%     
===============================================
  Files              221      221              
  Lines            28169    28330     +161     
===============================================
+ Hits             23283    23416     +133     
- Misses            4886     4914      +28     

Flag	Coverage Δ
4.14-c7g.metal	78.07% <66.66%> (-0.03%)	⬇️
4.14-m5d.metal	79.90% <86.66%> (+<0.01%)	⬆️
4.14-m6a.metal	79.05% <86.66%> (+0.01%)	⬆️
4.14-m6g.metal	78.07% <66.66%> (-0.03%)	⬇️
4.14-m6i.metal	79.89% <86.66%> (+0.01%)	⬆️
5.10-c7g.metal	81.02% <66.66%> (-0.03%)	⬇️
5.10-m5d.metal	82.57% <86.66%> (-0.01%)	⬇️
5.10-m6a.metal	81.82% <86.66%> (+<0.01%)	⬆️
5.10-m6g.metal	81.02% <66.66%> (-0.03%)	⬇️
5.10-m6i.metal	82.57% <86.66%> (+<0.01%)	⬆️
6.1-c7g.metal	81.02% <66.66%> (-0.03%)	⬇️
6.1-m5d.metal	82.57% <86.66%> (-0.01%)	⬇️
6.1-m6a.metal	81.82% <86.66%> (+<0.01%)	⬆️
6.1-m6g.metal	81.02% <66.66%> (-0.03%)	⬇️
6.1-m6i.metal	82.57% <86.66%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Changed	Coverage Δ
src/vmm/src/arch/mod.rs	28.57% <0.00%> (-51.43%)	⬇️
src/vmm/src/vstate/vcpu/mod.rs	85.38% <ø> (ø)
src/vmm/src/arch/x86_64/regs.rs	92.25% <87.71%> (-4.27%)	⬇️
src/vmm/src/builder.rs	92.84% <90.32%> (-0.22%)	⬇️
src/vmm/src/arch/x86_64/mod.rs	94.17% <91.17%> (-3.15%)	⬇️
src/vmm/src/arch/x86_64/gdt.rs	98.41% <100.00%> (+0.16%)	⬆️
src/vmm/src/vstate/vcpu/aarch64.rs	96.07% <100.00%> (ø)
src/vmm/src/vstate/vcpu/x86_64.rs	88.85% <100.00%> (ø)

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[cperciva]

Thank you!

[bchalios]

Thank you!

Actually, thank you Colin. I will work with Patrick to add the proper testing, so that we can get this merged to main ASAP.

[mcgaw]

@cperciva Many thanks for this. Can I ask a (perhaps silly) question? I have a FreeBSD CI pipeline that currently uses VirtualBox, and is a bit of a pain for several reasons. It uses jails. Is there any limitation around jails and vnet stacks imposed by using firecracker VMs?

[cperciva]

@mcgaw Firecracker won't be aware of your jails, and your jails won't know that their host is running inside Firecracker. If you're using multiple IP addresses you might need some networking magic on the Linux host to get all of those routed into the FreeBSD/Firecracker guest, but aside from that it should just work.

[mcgaw]

That's brilliant - I'm looking forward to road testing it. Thanks!

[iMilnb]

Has this work been merged yet? FYI this allows to boot both FreeBSD and NetBSD on firecracker.