README.md: Add more known issues for running crosvm on Linux

BUG=none TEST=none Change-Id: Ic63772785256bc01648ec53e60ec725ee14fbd88 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2896073 Tested-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Chirantan Ekbote <chirantan@chromium.org> Commit-Queue: Fergus Dall <sidereal@google.com>
2025-02-10 20:19:07 +00:00 · 2021-05-14 19:44:39 +10:00 · 2021-05-14 19:44:39 +10:00 · 2f4a80f366
commit 2f4a80f366
parent 96e3fb363f
1 changed files with 9 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -54,6 +54,15 @@ sudo apt install build-essential libcap-dev libgbm-dev libvirglrenderer-dev libw
 ```

 Known issues:
+*   Even with the following points, jailed devices seem to crash for unclear
+    reasons. If you run into this, you can add `--disable-sandbox` to run
+    everything in a single process.
+*   If your Linux header files are too old, you may find minijail rejecting
+    seccomp filters for containing unknown syscalls. You can try removing the
+    offending lines from the filter file, or add `--seccomp-log-failures` to the
+    crosvm command line to turn these into warnings. Note that this option will
+    also stop minijail from killing processes that violate the seccomp rule,
+    making the sandboxing much less aggressive.
 *   Seccomp policy files have hardcoded absolute paths. You can either fix up
    the paths locally, or set up an awesome hacky symlink: `sudo mkdir
    /usr/share/policy && sudo ln -s /path/to/crosvm/seccomp/x86_64