Commit graph

537 commits

Author SHA1 Message Date
David Tolnay
1d4d44a8e2 sync: Mutex type with methods that panic instead of return error
This CL adds a crate `sync` containing a type sync::Mutex which wraps
the standard library Mutex and mirrors the same methods, except that
they panic where the standard library would return a PoisonError. This
API codifies our error handling strategy around poisoned mutexes in
crosvm.

- Crosvm releases are built with panic=abort so poisoning never occurs.
  A panic while a mutex is held (or ever) takes down the entire process.
  Thus we would like for code not to have to consider the possibility of
  poison.

- We could ask developers to always write `.lock().unwrap()` on a
  standard library mutex. However, we would like to stigmatize the use
  of unwrap. It is confusing to permit unwrap but only on mutex lock
  results. During code review it may not always be obvious whether a
  particular unwrap is unwrapping a mutex lock result or a different
  error that should be handled in a more principled way.

Developers should feel free to use sync::Mutex anywhere in crosvm that
they would otherwise be using std::sync::Mutex.

TEST=boot linux

Change-Id: I9727b6f8fee439edb4a8d52cf19d59acf04d990f
Reviewed-on: https://chromium-review.googlesource.com/1359923
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-12-05 01:13:41 -08:00
Daniel Verkamp
2ea8f3d0aa qcow: scan for free clusters at startup
During runtime, we track unreferenced clusters (via unref_clusters and
avail_clusters) and reuse them before extending the disk image.
However, across boots, we did not previously recover the list of
unreferenced clusters, so the disk file could grow beyond the range that
the reference table count represent.  This patch adds a boot-time scan
for all unreferenced clusters so that they get reused.

BUG=chromium:899273
TEST=Boot with qcow2 image, fill the disk with dd, delete the dd'd file,
refill with dd, and so on, repeatedly. Ensure that the disk image does
not grow beyond the expected max size and that no clusters beyond the
size of the refcount table are used.

Change-Id: Idd21b08bb4c55b8244e7ecaccafc4ccc46b7b17a
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1327822
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-12-04 00:11:37 -08:00
David Tolnay
f503276291 linux: Print all siginfo structs on ChildSignal
I noticed this questionable loop that never loops in CL:1357700. Purely
guessing as to what it was supposed to do -- I have not tested this
codepath.

TEST=cargo check

Change-Id: I4560b80f080112a78adf440a663341f4fb0f1070
Reviewed-on: https://chromium-review.googlesource.com/1359010
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
2018-12-04 00:11:32 -08:00
Daniel Verkamp
35bac991e6 presubmit: add cargo fmt check
This will automatically check rustfmt during 'repo upload'.

BUG=chromium:908640
TEST=repo upload
CQ-DEPEND=CL:1352648

Change-Id: I97911e00de2f25f0827c37b9715f7f77a504d2fa
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1351693
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-12-04 00:11:31 -08:00
David Tolnay
8f3a232160 linux: Clean up a misleading loop
The `while sig_ok` in the original code suggests that `sig_ok` would be mutated
by the loop body, but it was not. Really `while sig_ok` was being used to mean
`if sig_ok { loop { ... } }`, with breaks to exit the loop body.

I replaced `while sig_ok` with `if sig_ok` containing `loop`. Since this is an
extra layer of indentation, I removed two layers of indentation by flattening a
a nested match so the new code is overall less indented than before.

Clippy flags such loops in which the loop condition never changes as high
confidence of being a bug or at least misleading:
https://rust-lang.github.io/rust-clippy/master/index.html#while_immutable_condition

TEST=run linux

Change-Id: Ib925bbedbdda11bb50e47f8dd55c2f5af7c53698
Reviewed-on: https://chromium-review.googlesource.com/1357699
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-12-03 20:32:14 -08:00
Zach Reizner
da37f7a586 data_model: prevent unaligned DataInit::from_slice
Because the alignment of the data passed into from_slice is not checked,
it is very easy to pass in unaligned data that will get dereferenced at
a later point in the code. On ARM, this will lead to a SIGBUS.

This change adds an alignment check to prevent getting a signal.
Instead, the caller will get `None`.

BUG=chromium:900962
TEST=cargo test -p data_model

Change-Id: I7a0f835f7d0ffd8c3d44bbcd80a790027f652bc9
Reviewed-on: https://chromium-review.googlesource.com/1343989
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2018-12-03 20:32:05 -08:00
David Tolnay
5bbbf61082 lint: Resolve the easier clippy lints
Hopefully the changes are self-explanatory and uncontroversial. This
eliminates much of the noise from `cargo clippy` and, for my purposes,
gives me a reasonable way to use it as a tool when writing and reviewing
code.

Here is the Clippy invocation I was using:

    cargo +nightly clippy -- -W clippy::correctness -A renamed_and_removed_lints -Aclippy::{blacklisted_name,borrowed_box,cast_lossless,cast_ptr_alignment,enum_variant_names,identity_op,if_same_then_else,mut_from_ref,needless_pass_by_value,new_without_default,new_without_default_derive,or_fun_call,ptr_arg,should_implement_trait,single_match,too_many_arguments,trivially_copy_pass_by_ref,unreadable_literal,unsafe_vector_initialization,useless_transmute}

TEST=cargo check --features wl-dmabuf,gpu,usb-emulation
TEST=boot linux

Change-Id: I55eb1b4a72beb2f762480e3333a921909314a0a2
Reviewed-on: https://chromium-review.googlesource.com/1356911
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-12-03 20:32:03 -08:00
David Tolnay
21fb34fb93 devices: Remove duplicated doc comments in impl block
These duplicate the doc comments found in `trait PciDevice`. I am
removing them because a sensible reader would already assume that they
have fallen out of sync with the doc comments in the trait, and thus
refer to the trait definition anyway.

TEST=none

Change-Id: Id86936a6f2a1b6c78a000b107bb4fc8ed78e40f9
Reviewed-on: https://chromium-review.googlesource.com/1355350
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-12-02 00:05:35 -08:00
Jingkui Wang
b14ce22a1b crosvm: update kokoro docker file to install libusb-1.0
Usb emulation depend on libusb. This path install libusb-1.0 to the
container.

BUG=chromium:831850
TEST=local build docker and run kokoro_simulator.sh

Change-Id: I2fa406914bf7cfe9a790ec945e15eb387e964d8e
Reviewed-on: https://chromium-review.googlesource.com/1356766
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2018-12-01 01:08:50 -08:00
Daniel Verkamp
ef37e2fe15 qcow: add support for rebuilding refcounts
This adds the ability to regenerate the reference counts by walking all
of the L1/L2 tables and headers to find all reachable clusters.  This is
necessary for the next patch, which will use the reference count tables
to find unused clusters to reuse.

BUG=chromium:899273
TEST=cargo test -p cqow

Change-Id: I93dd00d381d8d33010fddfc10aa18ca32586e1f4
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1327821
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-12-01 01:08:40 -08:00
Jingkui Wang
81066162c2 usb_util: Add descriptors
add config descriptors, endpoint descriptors, interface descriptors.

BUG=chromium:831850
TEST=cargo test
CQ-DEPEND=CL:1135783

Change-Id: If74c407f198725bdc6a3096b03d6fe02dcd29ec8
Reviewed-on: https://chromium-review.googlesource.com/1299716
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Jingkui Wang <jkwang@google.com>
2018-12-01 01:08:36 -08:00
Jingkui Wang
457ebc9d93 usb_util: Add pollfd change handler.
Allow user to hander pollfd change events.

BUG=chromium:831850
TEST=local build
CQ-DEPEND=CL:1124870

Change-Id: I013104e7dfae8f9ae94803f99f435039cd53925c
Reviewed-on: https://chromium-review.googlesource.com/1135783
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Jingkui Wang <jkwang@google.com>
2018-12-01 01:08:35 -08:00
Jingkui Wang
33e08312f2 usb_util: Create libusb wrapper
This wrapper will be part of usb emulation backend.

BUG=chromium:831850
TEST=local build

Change-Id: I084b15201941e4c16c4e3ff9b967e55db09db567
Reviewed-on: https://chromium-review.googlesource.com/1124870
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Jingkui Wang <jkwang@google.com>
2018-12-01 01:08:35 -08:00
Daniel Verkamp
9ae286d008 sys_util: replace fallocate64 with libc call
Now that libc includes the fallocate64 function declaration that we
need, we can drop our own declaration and resolve the TODOs.

BUG=None
TEST=cargo build

Change-Id: I7548a561d672739fa7cdd7eb996ad2b2e307d69a
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1352866
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
2018-11-30 12:53:08 -08:00
Dmitry Torokhov
510c1cfb46 crosvm/plugin: fix typo 'singal' -> 'signal'
Fix $SUBJECT in log message and in a comment.

BUG=None
TEST=Build

Change-Id: Ice2e60464648c2934869fa176a8b28ed675ff79b
Reviewed-on: https://chromium-review.googlesource.com/1354487
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-11-29 12:11:01 -08:00
Stephen Barber
0daffb0eb5 kokoro: add presubmit-cr.cfg
Add a kokoro build for running with Code-Review +2 labels.

BUG=none
TEST=kokoro

Change-Id: I54acf306f5de92c83f52d00e7f2c66b7cadf7e36
Reviewed-on: https://chromium-review.googlesource.com/1351216
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-11-27 19:14:13 -08:00
Stephen Barber
8ee09731a4 uprev crosvm and 9s libc to 0.2.44
BUG=chromium:908695
TEST=emerge crosvm
CQ-DEPEND=CL:1351218

Change-Id: Ife3895ed07eaba6e768fa7816dca403bc290fb7c
Reviewed-on: https://chromium-review.googlesource.com/1351219
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-11-27 19:13:44 -08:00
Daniel Verkamp
f4ee2ad205 devices: make all virtio devices report version 1
Our virtio devices are all "modern" (no legacy/transitional support).
Add VIRTIO_F_VERSION_1 to the features() handler for all virtio devices
that didn't already have it.

This lets us remove the hack that forced VIRTIO_F_VERSION_1 on for all
devices.

BUG=None
TEST=build_test; boot crosvm on kevin

Change-Id: I008926a9075679aae46069aa37a14504f10e8584
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1313013
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-11-26 20:31:22 -08:00
Daniel Verkamp
45cfe2164b msg_socket: reformat with rust fmt
TEST=cargo fmt -- --check
BUG=None

Change-Id: I489def320a27336dd85743f7bf5b944756425c52
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1347009
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Jingkui Wang <jkwang@google.com>
2018-11-22 19:07:51 -08:00
Jingkui Wang
7a9c6def98 msg_socket: fix msg_on_socket alignment issue
Instead of using unaligned memory. Allocate aligned memory and copy into it, we
were already doing an clone. There should be no overhead for this new
approach.

BUG=chromium:900962
TEST=build and run

Change-Id: I011d4c93a872d7d285e8898ff332f3ee1ef104a9
Reviewed-on: https://chromium-review.googlesource.com/1344225
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2018-11-21 05:53:03 -08:00
Daniel Verkamp
6bfee45131 wl: silence unused code warnings
When wl-dmabuf is not enabled, rustc complains about unused imports and
enum values.  Add compiler directives to silence the warnings.

BUG=None
TEST='cargo build', 'emerge-nami crosvm'

Change-Id: Ib39735d329f8aa835c0b5842b10bfe78d0e578d9
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1327827
2018-11-21 05:52:54 -08:00
David Tolnay
d32efefb7a macros: Format code inside of quote! invocations
Rustfmt currently does not touch the content of macro invocations. Also
it used to have a bug where if it changed indentation of a block of code
containing a multi-line macro invocation then the macro input would not
get correspondingly indented. That bug was visible across some of the
code here.

For example:

    // rustfmt decides to un-indent the surrounding block:
        let data_size_in_bytes = quote!(
            ( #( #field_types::FIELD_WIDTH as usize )+* ) / 8
        );

    // poorly formatted resulting code:
    let data_size_in_bytes = quote!(
            ( #( #field_types::FIELD_WIDTH as usize )+* ) / 8
        );

    // should have been:
    let data_size_in_bytes = quote!(
        ( #( #field_types::FIELD_WIDTH as usize )+* ) / 8
    );

TEST=cargo check crosvm
TEST=cargo test each of the three proc-macro crates
CQ-DEPEND=CL:1338507

Change-Id: Id2d456a8d85d719fbc0a65624f153f0f9df6f500
Reviewed-on: https://chromium-review.googlesource.com/1338508
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
2018-11-21 05:52:46 -08:00
David Tolnay
1d0b445be2 macros: Update syn to 0.15
This brings us onto the stable API surface area for procedural macros
that stabilized in Rust 1.30, rather than the string-based shim on
older compilers.

    https://blog.rust-lang.org/2018/10/25/Rust-1.30.0.html

Intervening release notes:

- https://github.com/dtolnay/syn/releases/tag/0.13.0
- https://github.com/dtolnay/syn/releases/tag/0.14.0
- https://github.com/dtolnay/syn/releases/tag/0.15.0

TEST=cargo check crosvm
TEST=cargo test each of the three proc-macro crates
TEST=build_packages
CQ-DEPEND=CL:1340766

Change-Id: Idcf14df0225ab41423b9a8639d0bba0a63513712
Reviewed-on: https://chromium-review.googlesource.com/1338507
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
2018-11-21 05:52:45 -08:00
Daniel Verkamp
e81a3e66cc devices: convert virtio features to a u64
The virtio specification only defines feature bits in the 0-63 range
currently, so we can represent the features as a u64.  The Linux kernel
makes the same simplifying assumption, and very few features have been
defined beyond the first 32 bits, so this is probably safe for a while.

This allows the device models to be simplified, since they no longer
need to deal with the features paging mechanism (it is handled by the
generic virtio transport code).

BUG=None
TEST=build_test; boot termina on kevin

Change-Id: I6fd86907b2bdf494466c205e85072ebfeb7f5b73
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1313012
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-11-21 01:25:28 -08:00
Chirantan Ekbote
5c4ad02dd4 crosvm_plugin: Remove underscores in variable name
Remove the double underscore in front of `__has_extension` in crosvm.h.
Double underscores in identifiers are reserved for the compiler's
internal use and as it so happens, `__has_extension` is a macro that
clang defines for code to determine whether the compiler supports a
given feature.

We shouldn't be using double underscores in any of the variable names in
this header file but for now just fix the problematic one so that the
code can actually compile under clang.

BUG=b:80150167
TEST=Compile one of the test plugins with clang

Change-Id: Ibb59e72c968a7f245bd6cc693da99f9263eedf33
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1341100
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2018-11-20 18:27:40 -08:00
David Tolnay
cccbe6717c toolchain: The latest stable version is required
TEST=rustup update stable && cargo +stable check

Change-Id: I3f51132a6d3d5daac1f77924fd910b46aa4c6118
Reviewed-on: https://chromium-review.googlesource.com/1340657
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-11-20 05:52:41 -08:00
David Tolnay
298cf591ac toolchain: Add rust-toolchain file
The rust-toolchain file defines a local toolchain override that is
respected by rustup when running Cargo commands. This override applies
to the directory containing the rust-toolchain file as well as its
subdirectories. It makes it so that running `cargo check` or `cargo fmt`
always uses the intended toolchain, unless overridden by e.g. `cargo
+nightly check`, regardless of what toolchain the user has selected as
global default. No more accidentally running a too new or old version of
rustfmt!

We will need to bump this version number when rolling to a newer
toolchain in ebuild. When that happens, local Cargo commands by other
crosvm developers will automatically download the new toolchain.

For details on rust-toolchain:

    https://github.com/rust-lang-nursery/rustup.rs#the-toolchain-file
    https://github.com/rust-lang-nursery/rustup.rs#override-precedence

This file is ignored during emerge. Verified by setting rust-toolchain
to a bogus version number and emerge succeeded anyway.

TEST=rustc --version
TEST=rustc +nightly --version
TEST=cargo check
TEST=cargo fmt --all
TEST=cargo +nightly check
TEST=build_packages

Change-Id: Ia4d74a0c8c632bcd7b171f6c039b068fb30b5502
Reviewed-on: https://chromium-review.googlesource.com/1340728
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-11-20 05:52:35 -08:00
Jingkui Wang
e13b180f74 crosvm: use msg_socket in vm_control
Refactor existing code to use msg_socket.

BUG=None
TEST=local build and run

Change-Id: Iee72326b330e035303f679e1aedd6e5d18ad4f8a
Reviewed-on: https://chromium-review.googlesource.com/1260260
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-11-19 16:28:35 -08:00
Jingkui Wang
b23c091c8b Reland "devices: refactor proxy to use msg_socket"
This reverts commit 9d5e8f34ad.

Reason for revert: msg_socket was fixed to not call sendmsg/recvmsg

BUG=None
TEST=local build

Original change's description:
> Revert "devices: refactor proxy to use msg_socket"
>
> This reverts commit 142ce3efd9.
>
> Reason for revert: <INSERT REASONING HERE>
>
> Original change's description:
> > devices: refactor proxy to use msg_socket
> >
> > Use msg socket in proxy.
> >
> > BUG=None
> > TEST=None
> >
> > Change-Id: Ia5ebc4410918a261fe525abc1051ebbbdc66a876
> > Reviewed-on: https://chromium-review.googlesource.com/1260259
> > Commit-Ready: Jingkui Wang <jkwang@google.com>
> > Tested-by: Jingkui Wang <jkwang@google.com>
> > Reviewed-by: Zach Reizner <zachr@chromium.org>
>
> Bug: None
> Change-Id: Ic7827969e9ad508cd1b65cb7b8747e81e0cd02d0
> Reviewed-on: https://chromium-review.googlesource.com/c/1313014
> Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
> Commit-Queue: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
> Tested-by: Jingkui Wang <jkwang@google.com>

Bug: None
Change-Id: I27822d7572cab028ec6ed1f0f686fface0858a9a
Reviewed-on: https://chromium-review.googlesource.com/1315511
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2018-11-19 07:09:20 -08:00
Daniel Verkamp
ac2e50a6ce aarch64: report PCI interrupts as level triggered
This matches the x86 mptable change from commit ac242df107.

BUG=None
TEST=Boot termina on kevin

Change-Id: I370419f3edc1271df4ae7cdbe4b35241945c2757
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1333942
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-11-16 05:02:22 -08:00
Daniel Verkamp
f0fd764428 qcow: calculate refcount table size correctly
The refcount table needs to include not only the data clusters and
reftable clusters but also the L1 and L2 tables and main qcow2 header.

Also add sanity checking to prevent allocating a cluster that cannot be
indexed with the current reference count table size.

BUG=chromium:899273
TEST=cargo test -p qcow

Change-Id: I9da4515db3dccbabdeee4f60dc392b5b42d62cb2
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1308833
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-11-16 05:02:06 -08:00
Zach Reizner
94923406ae qcow_utils: do not close given fds in convert_to_* functions
The `convert_to_*` functions take ownership of the passed FDs even
though they should not according to the function's contract. This change
clones the passed FDs so that the caller can retain ownership of its
FDs.

This change also wraps most of the implementations in catch_unwind so
that panics do not unwind past FFI boundaries, which is undefined
behavior.

BUG=chromium:905799
TEST=in crosh: `vmc export <vm name> <file name>`

Change-Id: I2f65ebff51243675d0854574d8fd02cec1b237a4
Reviewed-on: https://chromium-review.googlesource.com/1338501
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2018-11-16 05:01:42 -08:00
Zach Reizner
674504a3de move qcow_utils to members from dependencies
The qcow_utils crate is not a dependency of crosvm and should not be
built in the same phase as crosvm. Doing so was harmless before the
recent rustc/cargo changes, which seem to be triggering some kind of
race condition. This change works around the bug.

CQ-DEPEND=CL:1336738
TEST=cargo test --release
BUG=chromium:900366

Change-Id: I01048128b20cf06580e809f6701688ab72e7756d
Reviewed-on: https://chromium-review.googlesource.com/1336737
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2018-11-16 05:01:41 -08:00
Zach Reizner
2fb61f77fe msg_socket: return io:Error from pair() instead of Option
Change-Id: I8733794bca7a9510d5508941cbe3297a78e9923b
Reviewed-on: https://chromium-review.googlesource.com/1314210
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-11-15 08:11:28 -08:00
Zach Reizner
e0305c6533 msg_socket: implement AsRawFd for UnixDatagram wrappers
Change-Id: I0589c6b88b4922db422771dc5930ca3f00b91736
Reviewed-on: https://chromium-review.googlesource.com/1314209
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Jingkui Wang <jkwang@google.com>
2018-11-15 08:11:28 -08:00
Zach Reizner
c527c1a7e8 fix formatting in msg_on_socket_derive.rs unit test
Turns out my cargo-fmt binary was being sourced from ~/.cargo/bin, which
was very out of date. Hopefully less formatting issues come out of my
chroot now.

TEST=cargo fmt --all -- --check
BUG=None

Change-Id: I50592e2781835840dc5d589c681b3438d6de3370
Reviewed-on: https://chromium-review.googlesource.com/1324669
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2018-11-09 07:20:12 -08:00
Zach Reizner
f741098251 kokoro: make output slightly more verbose
This change includes relevant toolchain versions and some echos
announcing the stages of testing. This should make kokoro's logs a bit
easier to diagnose.

TEST=kokoro_simulator.sh
BUG=None

Change-Id: I6d51d8ae6618a244338605d61882eeedcb1f5b79
Reviewed-on: https://chromium-review.googlesource.com/1324689
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
2018-11-09 07:20:06 -08:00
Zach Reizner
3c71bb953e msg_socket_on_derive: use fully qualified types
The types from msg_socket were assumed to be in scope for the custom
derive implementation, which would cause mysterious compiler errors if
the custom derive was invoked in a module without msg_socket types in
scope.

This CL uses fully qualified types in the generated output to avoid
these errors.

This change also uses `extern crate msg_socket` in case the call site
doesn't have it in scope.

BUG=None
TEST=cargo test -p msg_on_socket_derive

Change-Id: Ie6443cd4ffc070d27e71de123090a58f19846472
Reviewed-on: https://chromium-review.googlesource.com/1314208
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Jingkui Wang <jkwang@google.com>
2018-11-07 06:35:06 -08:00
Daniel Verkamp
60f55da937 devices: balloon: define features as shift counts
This matches the definitions from the virtio specification and makes
balloon consistent with the other virtio devices in crosvm.

BUG=None
TEST=build_test.py

Change-Id: I9dd6b6ec981944e28eaf6bc92332db5ec326433b
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1313011
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-11-07 01:21:20 -08:00
Jingkui Wang
994e418039 msg_socket: avoid send_msg/recv_msg call if it's not necessary
This patch avoids sendmsg/recvmsg if there is no fd.

BUG=chromium:900962
TEST=build local image and test

Change-Id: I3a5fd52232dc7d98dacd78aa0b383a436056ffb7
Reviewed-on: https://chromium-review.googlesource.com/1313656
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-11-02 14:50:47 -07:00
Jingkui Wang
9d5e8f34ad Revert "devices: refactor proxy to use msg_socket"
This reverts commit 142ce3efd9.

Reason for revert: <INSERT REASONING HERE>

Original change's description:
> devices: refactor proxy to use msg_socket
> 
> Use msg socket in proxy.
> 
> BUG=None
> TEST=None
> 
> Change-Id: Ia5ebc4410918a261fe525abc1051ebbbdc66a876
> Reviewed-on: https://chromium-review.googlesource.com/1260259
> Commit-Ready: Jingkui Wang <jkwang@google.com>
> Tested-by: Jingkui Wang <jkwang@google.com>
> Reviewed-by: Zach Reizner <zachr@chromium.org>

Bug: None
Change-Id: Ic7827969e9ad508cd1b65cb7b8747e81e0cd02d0
Reviewed-on: https://chromium-review.googlesource.com/c/1313014
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Jingkui Wang <jkwang@google.com>
2018-11-02 16:59:10 +00:00
Jingkui Wang
142ce3efd9 devices: refactor proxy to use msg_socket
Use msg socket in proxy.

BUG=None
TEST=None

Change-Id: Ia5ebc4410918a261fe525abc1051ebbbdc66a876
Reviewed-on: https://chromium-review.googlesource.com/1260259
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-10-31 21:59:23 -07:00
Daniel Verkamp
aac28134d2 main: merge VirtIoDeviceInfo back into Config
This was split to allow the virtio PCI transition. Now that everything
is moved over, we can put the virtio configuration back into Config.

BUG=None
TEST=Boot crosvm on kevin and verify virtio devices still work

Change-Id: I2411f5131729f84b6820aac67a92d07346f64021
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1281833
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-10-31 21:59:16 -07:00
Daniel Verkamp
402d53bba8 devices: virtio: remove virtio MMIO transport
All devices have been converted to PCI, so we don't need MmioDevice.

BUG=chromium:854766
TEST=Boot crosvm on kevin and verify virtio devices still work

Change-Id: Ib6400e15bdb2153d14795de3cb0bfbf1845a8891
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1281832
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-10-31 21:59:16 -07:00
Daniel Verkamp
5656c124af devices: block: fix seccomp failures from free()
It looks like free() will sometimes try to open
/proc/sys/vm/overcommit_memory in order to decide whether to return
freed heap memory to the kernel; change the seccomp filter to fail the
open syscalls with an error code (ENOENT) rather than killing the
process.

Also allow madvise to free memory for the same free() codepath.

BUG=chromium:888212
TEST=Run fio loop test on kevin

Change-Id: I1c27b265b822771f76b7d9572d9759476770000e
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1305756
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-10-31 12:42:43 -07:00
Daniel Verkamp
eeebe63c43 cargo fmt with Rust 1.30.0
Rust 1.30.0 ships a new rustfmt that causes a few more formatting
changes.

BUG=None
TEST=Run kokoro tests with updated Rust version

Change-Id: I803765ec0f3d2447f627b1e990bce438512367f7
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1307816
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-10-31 12:42:26 -07:00
Daniel Verkamp
f28a864fd9 kokoro: update to Rust 1.30.0
Also add g++ to the apt package list, since minijail now requires it.

BUG=None
TEST=Rebuild Docker container and run tests

Change-Id: I3d5cee0fa626e840037ae83537bdf891b4489a49
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1307815
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-10-31 12:42:25 -07:00
Stephen Barber
49dd2e219d main: increase child wait timeout to 1 second
BUG=chromium:899302
TEST=vm.CrostiniStartTime

Change-Id: Ie434bc8ec2df7a7e8d1102feab5b84ebcdbb113d
Reviewed-on: https://chromium-review.googlesource.com/1306821
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-10-30 20:59:50 -07:00
Daniel Verkamp
ac242df107 Revert "mptable: mark PCI interrupts as edge triggered"
Legacy PCI interrupts should be level triggered, not edge triggered.

The reverted change was done as part of a series of patches during
debugging of virtio-pci differences from virtio-mmio, but this was not
the actual root cause of the problems.

BUG=None
TEST=Boot crosvm on x86-64 and verify virtio devices still work

This reverts commit 9357ceab6a.

Change-Id: If1bf6e48d63fe352f0b914f5bdb2e346ab210369
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1297840
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
2018-10-29 21:18:14 -07:00
Daniel Verkamp
120d95e031 devices: pci: support level-triggered interrupts
Register the irqfd with resample support so that we can correctly
emulate level-triggered interrupts.  This requires each PciDevice to
listen for interrupt_resample events and re-assert the IRQ eventfd if it
should still be active.

BUG=None
TEST=Boot crosvm on x86-64 and arm devices

Change-Id: I5cf8d1d1705cf675b453962c00d2d606801fee91
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1298654
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2018-10-29 21:18:14 -07:00