Add helper functions for common operations so that we don't have to
copy-paste the same thing everywhere.
BUG=none
TEST=cargo test
Change-Id: Ia9dd132336470cdaa5ecef72945f23f6d1dd4401
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2437681
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
When requested with the --gpu=cache-path=/path arg, crosvm
will pass it to Mesa via env var MESA_GLSL_CACHE_DIR. In
addition, the cache-size will also be passed along if
provided.
BUG=b:168540438
TEST=run with --gpu=cache-path=/tmp,cache-size=50M and
confirm that files are created in /tmp/mesa_shader_cache.
Change-Id: I2525597749d654a65373a723cefeab6cf2be62d7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2415509
Tested-by: John Bates <jbates@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Riley <davidriley@chromium.org>
Originally crosvm calls VDA::reset() when either QueueClear the input
or output queue. However, VDA::reset() only drops input buffers,
not guarantee if drop output buffers.
This CL removes the VDA::reset() call when QueueClear output queue.
Instead, we only clear the records of all the queued output buffers.
Note that it's still a workaround. The correct solution is to expose
VDA::DismissPictureBuffer() to libvda, and then clear the record of
the dismissed output buffer.
BUG=b:168557465
TEST=pass android.media.cts.AdaptivePlaybackTest#testVP8_eosFlushSeek
with related CLs
Change-Id: Ic88b8b9bb14e4b29f7859bf06bd2231cecc85776
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2408597
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Chih-Yu Huang <akahuang@chromium.org>
When ProvidePictureBuffers() is called, it means the VDA already drops
the previous set of output buffers. This CL clears the variables that
are related to the output resource in ProvidePictureBuffers().
BUG=b:168557465
TEST=pass android.media.cts.AdaptivePlaybackTest#testVP8_eosFlushSeek
with related CLs
Change-Id: I0e562fd216c6f2b91e4cbbe3ad174bca99003a0a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2404511
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chih-Yu Huang <akahuang@chromium.org>
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
When VDA requests crosvm to allocate N output buffers, crosvm will
request the userspace to allocate N+1 output buffers. Then crosvm
keeps one output buffer for notifying EOS.
Originally, after the preserved buffer is dequeued to notify EOS,
crosvm might keep another output buffer for next EOS. If so, then
crosvm will register all the N+1 buffers to VDA.
This CL changes to fix the preserved buffer until VDA requests another
set of output buffers. Also, it introduces another variable to track
the resource ids of queued buffers.
BUG=b:168557465
TEST=pass android.media.cts.AdaptivePlaybackTest#testVP8_eosFlushSeek
with related CLs
Change-Id: I8a6018f9e889dc6a2b6ef67d4915d6202858a42a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2404512
Tested-by: Chih-Yu Huang <akahuang@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Auto-Submit: Chih-Yu Huang <akahuang@chromium.org>
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Commit-Queue: Chih-Yu Huang <akahuang@chromium.org>
1. Captures with the AC97 dedicated MIC will have the AEC effect enabled.
2. Removes the "capture_effect" option in --ac97.
BUG=b:167946783
TEST=Record in the VM by `arecord -D hw:0,1 -f S16_LE -r 48000 -c 2\
/tmp/a.out` and verify the opened stream has effect = 0x01 by
`cras_test_client --dump_a`.
TEST=`cat /proc/asound/I82801AAICH/codec97#0/ac97#0-0 | grep \
Capabilities` in the VM and verify "dedicated MIC PCM IN
channel" is supported.
TEST=`amixer controls` and verify that 'Mic Capture Switch'
and 'Mic Capture Volume' mixer controls show up.
TEST=Unit test.
Cq-Depend: chromium:2395855
Change-Id: I67bff9528175528e284f409fac1f51ecaaa89427
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2394983
Tested-by: Judy Hsiao <judyhsiao@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Auto-Submit: Judy Hsiao <judyhsiao@chromium.org>
It doesn't make sense to have 2 versions of this crate as we end up
missing bug fixes like chromium:2324089. Use the version from platform2
as that's updated more regularly.
BUG=b:167166153
TEST=Start a vm with a virtio-9p device and verify that it still works
Cq-Depend: chromium:2404987
Change-Id: I54abd88f64d599b68974c09a393c18ec830ecd76
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2404516
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Use the filter iterator method instead of a specific in-block check to
filter out tags we want to keep.
BUG=None
TEST=Video plays in Youtube.
Change-Id: I8c34fadb548c26762e077a3ba6dde822b2fb864a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2409491
Tested-by: Alexandre Courbot <acourbot@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Auto-Submit: Alexandre Courbot <acourbot@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Alexandre Courbot <acourbot@chromium.org>
This makes the code a bit clearer.
BUG=None
TEST=Video plays in Youtube.
Change-Id: Ia904e693b692d70949afd529218dfc0aed7ec1b0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2409490
Tested-by: Alexandre Courbot <acourbot@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Auto-Submit: Alexandre Courbot <acourbot@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Alexandre Courbot <acourbot@chromium.org>
We are taking ownership of params here, so no need to clone.
BUG=None
TEST=Video plays in Youtube.
Change-Id: I1013e669cde7e5d0001992d7620643054c03d87d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2409489
Tested-by: Alexandre Courbot <acourbot@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Auto-Submit: Alexandre Courbot <acourbot@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Alexandre Courbot <acourbot@chromium.org>
Needed by ArcVm.
BUG=b:162388795
TEST='echo foo > test.txt; stat TEST.TXT` works when ascii_casefold is
enabled
Change-Id: Id2e720d6e9e9e511ee4ec6bb619a9fdbe2aa5d6d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2403421
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Switch from an FnMut for adding entries to an iterator-like approach.
We can't use the Iterator trait directly because the DirEntry struct has
a generic lifetime parameter and generic associated types are not
currently supported by the language.
Also provide an automatic implementation of readdirplus so that file
systems don't have to deal with some of its fiddly details.
Move the directory entry enumeration code into a separate re-usable
struct as we will need it for the casefold support in the next change.
BUG=b:162388795
TEST=vm.Virtiofs
Change-Id: I40c92468a4852f1e302c2e67877b7189268e9c9b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2403420
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
This CL moves the remaining response logic from Worker to be done
by the decoder or encoder Device. Currently Worker matches on the
returned responses from Device's process_cmd and process_event_fd,
and adds additional responses when the Device already knows the
responses to send. This allows the encoder and decoder to send
different responses when the same AsyncCmdTag is returned, and to
remove the `take_resource_id_to_notify_eos` Device trait function.
BUG=b:161774071
BUG=b:161782360
TEST=USE=test emerge-$BOARD crosvm
TEST=play multiple YouTube videos to completion
Change-Id: I3b210b59f528df473a03657af76b5b8df488f7f6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2352269
Tested-by: Alex Lau <alexlau@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Alex Lau <alexlau@chromium.org>
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
This CL is a refactoring that moves out cancel_pending_requests as a
function of the descriptor map so that it can be shared with the
decoder and encoder implementation.
BUG=b:161774071
BUG=b:161782360
TEST=USE=test emerge-$BOARD crosvm
TEST=play YouTube video
Change-Id: I32cd7f5ced855cc42baa2d6d3d1a9db802433412
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2379572
Tested-by: Alex Lau <alexlau@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Alex Lau <alexlau@chromium.org>
Commit-Queue: Alex Lau <alexlau@chromium.org>
When switching to async usage of descriptor queues, it is more useful to
consume the offsets and lengths of the descriptor buffers instead of the
buffers mapped as `VolatileSlice`s. Having the offset,length pair and
the guest memory it refers to is enough to initiate async ops.
Async versions of non-offset read/write case aren't possible as using
the existing "seek" offset of the file doesn't make sense with async IO.
Adding the new version modifies the existing API. This is necessary as
now `Reader` and `Writer` own `GuestMemory`, which makes async possible.
TEST=unit tests and new test to exercise the async functions.
Change-Id: I0a5e50694f40217e5d6ac40f5fcb82944a4c117e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2306784
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Msi capability structure for 32-bit message address and per vector
masking is missed, so vfio pci device with such cap couldn't receive
msi interrupt in guest.
BUG=None
TEST=Pass pci device with such msi cap into guest, then check this
device function in guest.
Change-Id: If89c5392af72a5bd1165c53a6857c24fe067e29c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2381399
Reviewed-by: Tomasz Jeznach <tjeznach@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Xiong Zhang <xiong.y.zhang@intel.corp-partner.google.com>
GuestMemory is just Arcs, cloning it is as cheap as keeping an Rc.
Change-Id: I160585ce0cf70aa0ec33897b550b82fe09bde2a4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2364992
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
These keys are frequently found as hardware keys on mobile devices.
BUG=b:163628929
TEST=Use crosvm to launch AOSP Cuttlefish and send volume key events.
Change-Id: I9175d32cfd4060abd74f0fde4100284483f13102
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2369357
Tested-by: Daniel Norman <danielnorman@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Norman <danielnorman@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Jorge Moreira Broche <jemoreira@google.com>
It's not supported by the protocol and unused by the virtio-video
kernel driver.
BUG=b:161774071
TEST=USE=test emerge-$BOARD crosvm
Change-Id: I5d28072618187b90acb29fbb4b4272f644ebf1d0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2361543
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Alex Lau <alexlau@chromium.org>
Where it simplifies the code, use tempfile() rather than TempDir to
create temporary files in tests.
BUG=None
TEST=./build_test
Change-Id: I5caff512a38a3b94556b0c72693e432503d6e679
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2360459
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Not strictly necessary to build gfxstream, but the MemSlot abstraction
was recently introduced and it makes sense to use it everywhere.
BUG=b/153580313
TEST=gfxstream builds
Change-Id: I06c2ca15edd39c553eacf1256dd95c2fc72f67dc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2349394
Tested-by: Gurchetan Singh <gurchetansingh@chromium.org>
Reviewed-by: Lingfeng Yang <lfy@google.com>
Reviewed-by: Jason Macnak <natsu@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Commit-Queue: Gurchetan Singh <gurchetansingh@chromium.org>
crosvm runs as a 32-bit binary on arm devices but arcvm has a 64-bit
kernel with a 64-bit userspace. Since the {GET,SET}FLAGS ioctls use a
c_long as part of the encoding, the encoded value changes based on
whether a long is 4 bytes or 8 bytes. This causes a mismatch where the
server expects the 4 byte encoding while the VM sends the 8 byte
encoding.
Check for both encodings when handling ioctls. The actual flag value
itself is actually just a c_int and not a c_long as you might expect
from the encoding. Since that has the same width on both 32 and 64 bit
systems we don't have to change the actual value that's returned.
BUG=b:163729385
TEST=lsattr and chattr still work inside the VM. Also use a test program
to check that the 64-bit versions also work inside the VM.
Change-Id: I77e98ea83372306597f7b3eb2bd675035be98d5d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2352281
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Set the security context (via /proc/thread-self/attr/fscreate) before
creating files, directories, nodes, or symlinks. This ensures that
these entries appear atomically with the correct selinux labels.
BUG=b:155441848,b:158326112
TEST=vm.Virtiofs, arc.PlayStore.vm
TEST=Use strace to verify that selinux contexts are written to the
fscreate proc file before creation.
Cq-Depend: chromium:2291828
Change-Id: Id960dbc821540373f2df073768e3ebfcb1a1c3f1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2239728
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
This reverts commit 4ffb3d06bd.
Since ag/12302792 ARCVM now works with a fixed set of buffers, and will
make sure to submit only one given buffer to a given V4L2 index, so we
can revert this patch in order for the crosvm virtual device to work as
per the expectations of V4L2 decoders.
BUG=b:161323057
TEST=arc.VideoDecodeAccel.h264_vm passes on Kukui.
Change-Id: If822f3d23c3dd37a2107db076c91691a0d1b0a00
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2340727
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Alexandre Courbot <acourbot@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Alexandre Courbot <acourbot@chromium.org>
Calls to the kvm crate have been replaced by calls to hypervisor and
devices::irqchip. Plugin is unchanged and still KVM-specific.
x86 creates and configures vcpus on the vcpu thread instead of the main
thread.
Code that still depends on kvm or kvm_sys:
- crosvm_plugin, plugin, and protos use kvm and kvm_sys if built with
the plugin feature
- devices::VfioGroup does a kvm_sys ioctl
- devices::irqchip and hypervisor use kvm_sys. hypervisor uses
kvm::Cap and kvm::CpuId internally for now.
BUG=chromium:1077058
TEST=runs es2gears_wayland on kukui
TEST=runs evince on amd64-generic with kernel and split irqchip
TEST=build_test excluding tpm2
TEST=cargo check --features plugin
Change-Id: I0068e34da6a5ff0079b1237be1958933bf12ffe4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2307711
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Steven Richman <srichman@google.com>
Like gfxstream, virtio_3d can also support non-exportable memory
when run in single-process mode. This is useful for getting
GL4.5/VK on Nvidia, where dma-buf mmap is not supported.
BUG=chromium:924405
TEST=piglit -t arb_buffer_storage
Change-Id: I072803fd414ddd68bcaafc1f17d236680d6aaa67
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2250461
Reviewed-by: Gurchetan Singh <gurchetansingh@chromium.org>
Reviewed-by: Lingfeng Yang <lfy@google.com>
Tested-by: Gurchetan Singh <gurchetansingh@chromium.org>
Commit-Queue: Gurchetan Singh <gurchetansingh@chromium.org>
This CL takes the global map_request and uses it as an Arc<Mutex<>>
reference in virtio gpu, enabling virtio gpu backends to generate
external library mappings.
The workflow is demonstrated in the gfxstream backend:
1. Guest triggers vkMapMemory on host
2. Host generates a blob id, sends back to guest
3. Guest asks to RESOURCE_CREATE_BLOB with the blob id,
creating a resource id
4. Guest asks to RESOURCE_MAP_BLOB with the resulting resource id
5. Host gets hva, size from the backend using the resource id
6. Host maps hva, size via KVM to the guest pci offset via sending a
ExternalMapping over map_request
7. Guest maps that PCI offset, exposing memory to guest userspace
BUG=b/153580313
TEST=dEQP.vk.memory.*
Change-Id: I242beedab1dcaf9eb08d9797ed10dc993b58abde
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2035595
Reviewed-by: Gurchetan Singh <gurchetansingh@chromium.org>
Reviewed-by: Lingfeng Yang <lfy@google.com>
Tested-by: Gurchetan Singh <gurchetansingh@chromium.org>
Commit-Queue: Gurchetan Singh <gurchetansingh@chromium.org>
The emulated CMOS RTC device always returns the hour field in 24-hour
format; initialize the Status Register B bit that indicates this to the
guest.
This also lets Linux register the CMOS RTC as an rtc-class device. It
was previously ignoring it since it was assuming the device was in
12-hour mode.
Also bump the minimum IRQ for the system allocator up to 9 to avoid
sharing IRQ 8, which becomes an issue once Linux tries to enable the RTC
device:
snd_intel8x0 0000:00:0b.0: PCI->APIC IRQ transform: INT C -> IRQ 8
genirq: Flags mismatch irq 8. 00000080 (snd_intel8x0) vs. 00000000 (rtc0)
snd_intel8x0 0000:00:0b.0: unable to grab IRQ 8
snd_intel8x0: probe of 0000:00:0b.0 failed with error -16
On x86_64, only 4 device IRQs are used (for PCI pin interrupts), so this
does not reduce the number of available IRQs for devices. Most PCI
devices in crosvm also support MSI-X, which this change also does not
affect.
BUG=b:162789858
TEST=Boot Linux 5.8; verify existence of /sys/class/rtc/rtc0
TEST=Boot on x86_64 Chromebook; verify IRQ 8 is not used by PCI devices
Change-Id: I39ca6a823914d2d27caec7812b54bf754ac3db9a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2337370
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Tomasz Jeznach <tjeznach@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
In the case of multi-queue block, there might be unused queues. This
will be indicated by the driver starting the device without marking
those queues are ready. Ignore validating non-ready queues.
Change-Id: Ifef14e4c4cf96bc01bb1d8b2488a0bbef2f9ec6c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2125373
Tested-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
With multiple async contexts processing requests from the same queue, it
is useful to be able to disable the queue notification until after all
the events have been processed. Keep a count of pending notify disables
to enable this use case.
Provide `NotifyGuard` as a RAII way of letting users disable
notifications for the scope of the guard. Once the non-async users of
queue are removed, `set_notify` can be made private.
BUG=chromium:901139
Change-Id: Id69de408d2ec9b7cec67f54551427af3aa32149b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2306782
Tested-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
For now, this crate simply re-exports all of sys_util, but it will
be updated to provide new interfaces when needed. This is the
first step to making crosvm not directly depend on sys_util, so
that we can make the interface changes we need without fear of
negatively affecting (i.e. completely breaking) other usages
within chromeos.
BUG=b:162363783
TEST=./build_test
Change-Id: I7d0aa3d8a1f66af1c7fee8fd649723ef17027150
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2325168
Tested-by: Michael Hoyle <mikehoyle@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Michael Hoyle <mikehoyle@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Run unit tests for the old ioapic only on x86. Fixes use statements in
hypervisor tests. Run the hypervisor vcpu enable_feature test only on
x86, like in the kvm crate.
TEST=cargo test --no-run --target=aarch64-cros-linux-gnu
TEST=cargo test --no-run --target=aarch64-cros-linux-gnu -p devices
TEST=cargo test --no-run --target=aarch64-cros-linux-gnu -p hypervisor
BUG=1112839
Change-Id: Ie8dc152de6acd37b93e394642208a86a746c9308
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2337151
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: Steven Richman <srichman@google.com>
Commit-Queue: Steven Richman <srichman@google.com>
If the resize failed (for example, if the block device was read only),
there is no need to notify the guest of a change in configuration space.
This prevents potential confusion due to the guest printing a capacity
change message even when the resize was unsuccessful.
BUG=None
TEST=`crosvm disk resize` a read-only disk (--disk)
Change-Id: Ica86654bf38d9fae9d681955438f52bce96dc427
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2324063
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
The lifetime parameter on the DescriptorChain struct ensures that it
doesn't outlive the GuestMemory that it references. However, this has
the unfortunate effect that DescriptorChains cannot be sent across
thread boundaries (because they don't have a static lifetime).
Instead, have the DescriptorChain clone the GuestMemory instead. This
ensures that the DescriptorChain will not outlive the GuestMemory while
also allowing it to be sent across thread boundaries.
dgreid - re-base and modify `next_async` to remove lifetime as well.
BUG=b:150264042
TEST=unit tests
Change-Id: I745d80d640c9766cbf36db0419c48fe077e0080d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2103601
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Clippy warns that this drop is not doing anything:
error: calls to `std::mem::drop` with a reference instead of an owned
value. Dropping a reference does nothing.
The code compiles without the drop, and resizing still works, so just
remove it.
BUG=None
TEST=bin/clippy
TEST=`crosvm disk resize 1 $((10*1024*1024*1024)) $SOCKET`
Change-Id: I1abf26fcd517a76b3007b70eb73545812a0dd79a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2324062
Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
If the builder context switch to other tasks right after the
`bm.writeb`, then the results from `bm.readw` could be unexpected.
BUG=chromium:1086337
TEST=Build
Change-Id: I708b11ad3a556069a7b514f072222e913d91d643
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2330879
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Chih-Yang Hsia <paulhsia@chromium.org>
Tested-by: Chih-Yang Hsia <paulhsia@chromium.org>
The Block device constructor takes an optional control_socket, but it
can't spawn worker threads without a control_socket. This change makes
the control_socket truly optional by allowing the worker thread to not
have a control_socket.
BUG=None
TEST=crosvm run && crosvm resize
Change-Id: I887e32cfb532e14c249340702ebc85101486a36e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2318368
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
Auto-Submit: Zach Reizner <zachr@chromium.org>
This cleanup makes CmdResponse the only response type, rather than
writing VideoErrors directly. In addition, this makes all responses
easily cloneable for async event responses, which was not the case
before as VideoError encapsulates many uncloneable errors.
BUG=b:161774071
BUG=b:140082257
TEST=cargo clippy
TEST=USE=test emerge-$BOARD crosvm
TEST=play a YouTube video
Change-Id: Ife40e4d833899aae2e12612a12d277178c225ce2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2311496
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Alex Lau <alexlau@chromium.org>
This will be used by encoder by allowing multiple responses from a mojo
VEA RequireInputBuffers event, as well as moving virtio-video specific
logic for sending EOS buffers and cancelling pending requests from
Worker::handle_event_resp.
BUG=b:160730771
BUG=b:140082257
TEST=cargo clippy
TEST=USE=test emerge-$BOARD crosvm
TEST=play a YouTube video
Change-Id: I19bce3b04e736aac0e686d9cb309976108e61033
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2309893
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Alex Lau <alexlau@chromium.org>
This does not change any behavior.
BUG=b:140082257
BUG=b:161774071
TEST=cargo clippy
TEST=USE=test emerge-$BOARD crosvm
TEST=deploy and play YouTube video
Change-Id: I3a649ee0657a53deaf8ab40471bb9440b06807e7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2305500
Reviewed-by: Alex Lau <alexlau@chromium.org>
Tested-by: Alex Lau <alexlau@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Alex Lau <alexlau@chromium.org>
Move GuestAddress and GuestMemory to a new crate for VM memory. This
will make separating sys_util and crosvm independent making it easier
to use sys_util functions outside of crosvm.
Change-Id: I12e14948ea85754dfa6267b3a3fb32b77ef6796e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2311251
Auto-Submit: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Tested-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This was introduced in a CL that did not use it, so it seems to be
unnecessary (maybe copy-pasted from another error enum).
Fixes a clippy warning:
error: variant is never constructed: `Unsupported`
BUG=None
TEST=bin/clippy
Change-Id: Iaccf6c86a5ef9e36efad1053776b6ee2db53a2cd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2316379
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Lingfeng Yang <lfy@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Currently the PIT creates a thread when the Pit object is instantiated,
but this is a problem when sandboxing is enabled, because minijail does
not want to fork when there is more than one thread.
This change updates the PIT to only create the woker thread once the PIT
has been read from or written to.
Split irqchip mode still does not seem to quite work in sandbox mode,
there appears to be some other sort of bug, but when run with the
hypervisor abstraction it does run. So this fix is mostly applicable
once hypervisor abstraction has been integrated.
BUG=chromium:1077058
TEST=ran test VM with --split-irqchip without --disable-sandbox and it
gets further than before, plus ran cargo test -p devices.
Change-Id: Idf511bde825d4a004f1492dcbd27f6829e872735
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2304258
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Udam Saini <udam@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
In some methods the context was queried several times, which complicates
the code a bit and potentially generates error-handling code that cannot
possibly be used once the context has been successfully obtained once.
Merge all these context requests into a single one for each method.
BUG=b:161774071
TEST=crosvm builds
Change-Id: Ia4a5036a0ed0fd20a928c448e62fdd8e37e8a914
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2311497
Tested-by: Alexandre Courbot <acourbot@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Alex Lau <alexlau@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Alexandre Courbot <acourbot@chromium.org>
Needed for syncfd support (transfer doesnt come with fence
import/export)
Needed for address space graphics protocol on virtio-gpu
BUG=b/156130048
Change-Id: If6f55985f04fd8a2862650b2cbd37a3ab816fb90
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2224015
Commit-Queue: Lingfeng Yang <lfy@google.com>
Tested-by: Lingfeng Yang <lfy@google.com>
Reviewed-by: Jason Macnak <natsu@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Blobs contain explicit metadata about scanout buffers that is
only inferred otherwise. This is useful for possible YUV with
virtio-gpu-2d or compressed 3d formats. The format modifier is
intentionally left out since virtualized KMS can not guarantee
that the host compositor will support a certain modifier at any
particular moment -- this can be queried from virglrenderer if
need be.
BUG=chromium:924405
TEST=compile and test
Change-Id: I3130df18378f40193118b78d03f564b7f5984d67
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2250460
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: Gurchetan Singh <gurchetansingh@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Gurchetan Singh <gurchetansingh@chromium.org>
The new get_bars() function will be used to find all of the memory
and/or I/O BARs that need to be added to or removed from the bus objects
(mmio_bus and io_bus) and KVM mappings to handle guest-initiated
remapping of BAR locations.
BUG=None
TEST=cargo test -p devices
TEST=Boot vm_kernel in crosvm
Change-Id: Ic559abc2a22dee7c3d5c96d242ceaf2154135eb0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2300693
Reviewed-by: Tomasz Jeznach <tjeznach@chromium.org>
Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
This simplifies the code that wants to access per-BAR properties like
size and type; rather than recalculating it from PCI register contents,
it can directly access the data that is already in the desired Rust
types.
BUG=None
TEST=cargo test -p devices pci
Change-Id: I073d39c605899053ad3497c4d0140432b343b793
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2308075
Reviewed-by: Tomasz Jeznach <tjeznach@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
PCI BARs have a minimum size based on the number of bits reserved for
the type bitfield, which is stored in the low bits of each BAR. The
minimum size is derived from the number of bits used to store the type:
2 bits (4-byte minimum) for I/O bars and 4 bits (16-byte minimum) for
memory BARs.
Previously, since the minimum size was not enforced, callers could
create invalid configurations that would allow the guest to overwrite
the type bits of the BARs. Luckily, this only happened in the unit
tests, which are fixed in this change.
BUG=None
TEST=cargo test -p devices
Change-Id: I30d65485254b49655c9ad7bec51e43533fe2c01d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2300692
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Decoder currently ends up converting from H264 baseline profile provided
by virtio-video to H264 main profile to libvda.
BUG=b:161421220
BUG=b:140082257
TEST=cargo clippy
TEST=emerge-$BOARD dev-rust/libvda crosvm, start arcvm and play video in YouTube
Cq-Depend: chromium:2299802, chromium:2299604
Change-Id: I946af99b918b22b4dcb0e9ebab044c83f39ed9bf
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2301325
Tested-by: Alex Lau <alexlau@chromium.org>
Commit-Queue: Alex Lau <alexlau@chromium.org>
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Add missing virtio-video profiles and convert to them from libvda profiles.
BUG=b:161261612
BUG=b:140082257
TEST=cargo clippy
TEST=emerge-$BOARD dev-rust/libvda crosvm, start arcvm and play video in YouTube
Cq-Depend: chromium:2299802, chromium:2301325
Change-Id: I061c7eddc881eb785aa7c06cf587cc747007cb74
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2299604
Reviewed-by: Alex Lau <alexlau@chromium.org>
Tested-by: Alex Lau <alexlau@chromium.org>
Commit-Queue: Alex Lau <alexlau@chromium.org>
Fixes for several bugs found in the KvmKernelIrqChip and the
KvmSplitIrqChip that were found while testing the hypervisor abstraction
layer integration:
- Fixed determination of which routes are MSI routes when setting
routes in KVM.
- Fixed issue with setting conflicting routes.
- Updated service_irq_event to read the associated EventFd that
triggered the irq event, and updated the documentation. Also updated
KvmKernelIrqChip's implementation to simply print an error because
that function should never be called on KvmKernelIrqChip.
- Fixed a bug with add_vcpu in both KvmKernelIrqChip and
KvmSplitIrqChip.
BUG=chromium:1077058
TEST=added a new test, ran devices tests, ran a VM with abstraction
integration changes with both irqchips
Change-Id: I255fbe498f6586d90cb196ff173a574a2cae0453
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2300843
Reviewed-by: Udam Saini <udam@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
This will allow it to be disabled for Protected KVM usecases on Android.
BUG=b:158290206
TEST=cargo test
Change-Id: Ibddd8a98c42bb0847aba804f5e33df29feedd783
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2292372
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Andrew Walbran <qwandor@google.com>
Implementation of a KVM split irqchip. KVM's "split irqchip"
functionality only works for x86/x86_64 so this is implemented in the
kvm/x86_64.rs sub-module. The chip has a userspace Pic, Ioapic, and Pit.
This change necessitated a couple modifications to the irqchip traits:
- The create_pit function has been removed, and it's now implied that
the creation of the irqchip handles the creation of the pit.
- A finalize_devices function has been added. This function will need
to be called on the irqchip after all devices have been setup. The
purpose of finalize_devices is to allow the irqchip to register any
userspace devices with the io_bus or mmio_bus, and for the irqchip to
supply any necessary EventFds to these devices.
- A service_irq_event function has been added. This function works a
lot like the service_irq function, except it's specifically designed
to work the same way an IRQFD works: it first asserts then immediately
deasserts the line. If a resamplefd is associated with the irq line,
the deassert doesn't happen immediately, but happens when an EOI
occurs for a vector associated with the line. The service_irq function
will still exist for unittests.
- A process_delayed_irq_events function has been added. There
is a case where a deadlock can occur if the main thread blocks on
locking the ioapic in order to service an irq event, while a vcpu
thread holding the ioapic lock waits on the main thread to process the
addition of a MSI route. So the irqchip delays the servicing of irq
events if it finds a locked ioapic, and the
process_delayed_irq_events function should be called regularly
by the main thread in order to re-try servicing any delayed irq events.
Bug: chromium:1077058
Test: split irqchip runs all available x86-specific irqchip tests.
Also added some tests specific for the split irqchip. Ran these tests
and cargo test -p hypervisor -p devices
Change-Id: I14866645b86b3bf318440051069ff165e2cf9d88
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2290192
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
Add a gpu argument to control whether vulkan support should be enabled
for gfxstream backend. Default to enabled.
BUG=None
TEST=launch_cvd
Change-Id: Icf9b24890f7c0da30f6c64326391037c6df1c853
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2286238
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Kaiyi Li <kaiyili@google.com>
Reviewed-by: Lingfeng Yang <lfy@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Added get/set_lapic_state functions to KvmKernelIrqChip and KvmVcpu.
Added tests for the KvmKernelIrqChip.
BUG=chromium:1077058
TEST=added associated tests for get/set_lapic_state
Change-Id: I0f1cebd9db370b5453a951f7827de511399cddf4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2260929
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
Added an emum for MPState, and functions to translate between MPState
and kvm_mp_state. Added get_mp_state and set_mp_state functions to KvmVm
and the IrqChip interface.
BUG=chromium:1077058
TEST=added associated tests for get/set_mp_state
Change-Id: I0825f81b1b4d85884690606d691e8b88e8306ae1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2261293
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
In preparation of the KvmSplitIrqChip, moving tests out of the
irqchip::kvm module and into the irqchip::x86_64 module. This is because
the tests should be valid for any implementation of the IrqChipX86_64
trait.
Bug: chromium:1077058
Test: cargo test -p devices -p hypervisor
Change-Id: I57a15b275bce5e7d96f2736367b7aaef6b069fec
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2276322
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Update the pit to have get/set functions so it can be used as part of an
irqchip. Some of this translation is imprecise because we use a rust
Instant for storing the timer start time, where the PitState expects it
in terms of the host's monotonic clock, but it shouldn't really matter
because getting/setting the pit is only exposed as a plugin feature.
This also required adding some convenience functions to the sys_util
Clock.
Bug: chromium:1077058
Test: cargo test -p devices
Change-Id: I761747cd03ed123a2d2e685e0679a3d025a165ae
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2265043
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Instead of coupling the reading of the event fd and the resampling of
the interrupt, add a separate member to just do the resample.
This will be used by async code that waits for and reads the event fd in
one step.
Change-Id: Ic5b1fd9adf8e32a572f31dc1c0c5ab32e94f4981
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2268978
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Tested-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Posix acls are a truly incredible example of API design. The presence
of a default posix acl in a directory completely changes the meaning of
the `mode` parameter for all system call that create inodes. However,
this new behavior only applies when the inode is first created and not
for any subsequent operations that use the mode, like fchmod.
When a directory has a default posix acl, all inodes created in that
directory get the permissions specified in the default acl. The mode
parameter is treated like a umask where any permissions allowed by the
default acl that are not allowed by the mode parameter are blocked. The
actual umask is ignored in this case.
So to handle this properly we need to set FUSE_DONT_MASK to prevent the
kernel driver from preemptively applying the umask. Then we have to
check if the parent directory has a default posix acl and only apply the
umask to the mode if it does not. This also means that we cannot use
`mkdtemp` because that always creates directories with a mode of 0o700
and since the default posix acl calculation only applies on creation and
not on later operations, we need to apply the proper mode in the very
beginning.
BUG=b:159285544,b:152806644
TEST=vm.Virtiofs. Use a test program to create files/directories in
directories that have a default acl and ones that don't, and verify
that the mode is correctly set after creation
Change-Id: Ieca8ac9db391feebe5719630c5f3b57b04b71533
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2260253
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
io_jail has been migrated to aosp/external/minijail/rust/minijail.
This removes the crosvm copy and updates the references to use the new
location.
BUG=chromium:1096175
TEST=cargo test
Cq-Depend: chromium:2254418
Change-Id: I29d5c6178b6faf5e52671cfbe6fc7e51f0d21dd2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2254298
Tested-by: Allen Webb <allenwebb@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Allen Webb <allenwebb@google.com>
Needed by arcvm.
BUG=b:159297591
TEST=run a test program that calls the ioctl
Change-Id: I1f8c17fa2b2457f5a9e73045c3dbee3440eb943d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2265932
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Using AT_EMPTY_PATH with linkat requires the caller to have
CAP_DAC_READ_SEARCH in the init user namespace. Since the fs device
isn't going to have this when run in a sandbox, switch to using
/proc/self/fd with AT_SYMLINK_FOLLOW instead, which is documented in the
manpage as an alternative to AT_EMPTY_PATH.
BUG=b:159861594
TEST=`touch foo; ln foo bar` succeeds
Change-Id: I944d80d955742d653e36d245024adc48cf77d77e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2265933
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Modified ioapic implementation for the hypervisor abstraction layer.
This implementation has the same functionality and tests as the existing
one, but accepts a vec of resample_events instead of a GsiRelay. It also
takes a list of irqfds instead of creating them itself.
This will be used by the KvmSplitIrqChip, and will eventualy be modified
again to support an ApicBus when we want to support a UserspaceIrqChip.
Bug: chromium:1077058
Test: cargo test -p hypervisor -p devices
Change-Id: I306724266511a7975a25a34955651ea6f53e1c4c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2255303
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
Copied and slightly modified pic implementation in the irqchip
submodule. It uses the PicState defined in the hypervisor crate and has
a register_resample_events function instead of a register_relay
function.
Some function signatures have been slightly changed to take &self and
&mut self where before they would take a PicState. This was done so
that the Pic struct itself would be the only object that needs access
to the resample_events rather than each PicState needing it's own copy
or clone.
This will later be used by the the KvmSplitIrqChip.
Test: cargo test -p devices -p hypervisor
Bug: chromium:1077058
Change-Id: Ia15ea1800b4339d3ad38d88d8ec6ace8ca5ea67a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2255302
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
Vcpus are created on the Vm object, instead of with Vcpu::new. Vm keeps
a copy of the Hypervisor to support create_vcpu. Otherwise the methods
are the same as the kvm crate.
BUG=chromium:1077058
TEST=cargo test
Change-Id: I6fbd0e5fb5d81d4362a259e85eb392d8edbfff1f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2247366
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Steven Richman <srichman@google.com>
Advertise that we support posix acls in the response to the init
message. Since the VM does access checks before sending the request to
the server, having this disabled meant that the VM was rejecting
requests that should have been allowed to succeed.
BUG=b:159285544
TEST=touch test
setfacl -m u:crosvm:rw test
su -s /bin/bash -c 'echo hello > test' crosvm
cat test # check that it contains "hello"
Change-Id: I047b590e4caf0f2883b3f6198b9bc071e9e40a93
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2253494
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
The switch to 2 stage mkdir + create broke setgid bit handling on
directories. When this bit is set in a directory all inodes in that
directory should be created with the gid of that directory rather than
the gid of the process that made the call.
BUG=b:152806644
TEST=Set the sgid bit on a directory and verify that new files and
directories inherit the directory's group rather than the group of
the process that created them.
Change-Id: Iafce9fbb4281b2dc84e052e0a703745dde4b817b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2253493
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
We don't set FUSE_DONT_MASK so the guest kernel will apply the umask
to the mode before sending the request. Just pass it on unmodified.
BUG=b:152806644
TEST=vm.Virtiofs
Change-Id: Id0c138e9ccc3a361a2772ac144f1d3413b545d99
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2253492
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Mostly to stop using virtio-fs region IDs in virtio-gpu.
From the spec:
"A device may have multiple shared memory regions associated with
it. Each region has a shmid to identify it, the meaning
of which is device-specific."
BUG=chromium:924405
TEST=compile and test
Change-Id: I5b938a1dbe8747812d77384f1781ccc1bd883e9f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2160030
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Gurchetan Singh <gurchetansingh@chromium.org>
Tested-by: Gurchetan Singh <gurchetansingh@chromium.org>
Implemented the remaining IrqChip trait functions for the
KvmKernelIrqChip, including register/unregister_irq_event and irq
routing functions.
Added some irqchip tests for setting irq routes and servicing irq lines.
Also added tests for registering irq events.
BUG=chromium:1077058
TEST=cargo test -p devices -p hypervisor
Change-Id: Ia04c927b663ebdcacc88bc61d746077aa5b02514
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2246648
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
Writing xattrs in the security namespace requires CAP_SYS_ADMIN in the
namespace that mounted the file system. The fs device doesn't have this
capability when run in a sandbox (and in the case of the /home directory
on chrome os, will never be able to gain it).
We've been able to set selinux xattrs so far because the selinux module
relaxes the capability check in favor of an selinux-based MAC check.
However, android also wants to be able to set the "security.sehash"
xattr, which is described in the manpage as a "performance optimization"
when recursively relabeling files.
Unfortunately since the android team nacked the kernel patch[1] that
would have relaxed the requirements for just the "security.sehash"
xattr, the only option for us is to rewrite the xattr name and prefix it
with "user.virtiofs" so that it ends up in the "user." xattr namespace.
The server should always have permission to create xattrs there.
BUG=b:155443663
TEST=start a vm and successfully set the security.sehash xattr then
check on the host side that it is actually stored as
user.virtiofs.security.sehash
[1]: https://www.spinics.net/lists/selinux/msg32330.html
Change-Id: Icd17b76c946c92d92009f0cc2b8b50c92ac580c6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2243111
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Arcvm needs this ioctl for looking up the project id of an inode.
BUG=b:157189438
TEST=Call the ioctl inside a vm and verify that it succeeds
Change-Id: Ib178cf32b09056f9b1e9acedb49de068d5525a66
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2214964
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Matthias Springer <springerm@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Split the KvmKernelIrqchip struct definition and constructor between
x86_64 and aarch64 because aarch64 has an extra fd for the vgic device.
Constructor on x86_64 simply calls create_irq_chip while aarch64
constructor needs to call create_device and configure that device.
Also needed to split the try_clone implementation because the structs
have different fields.
Bug: chromium:1077058
Test: ran build_test, but I haven't been able to actually run the tests
on aarch64
Change-Id: I20e81a7ccedaf077d682055717caf05a94d54423
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2239976
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
Support a case where a guest client who may use arbitrary numbers of
buffers. (e.g. C2V4L2Component with default pool in ARCVM)
Such a client is valid as long as it uses at most 32 buffers at the same
time.
More specifically, this CL allows the guest to call ResourceCreate for an
output resource_id which was already processed by the host. Such
ResourceCreate calls will be handled as reassignment of DMAbuf to a
FrameBufferId.
BUG=b:157702336
TEST=Play a YouTube video on ARCVM w/ C2V4L2Component using default pool
Change-Id: Ie9c457867abd91b6b7a17a5bca4a1a1e9f53c1ae
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2198327
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Tested-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Keiichi Watanabe <keiichiw@chromium.org>
The separate Vm functions for MemoryMappings and MemoryMappingArenas
have been combined and now use a MappedRegion trait that the mappings
implement. msync_memory_region replaces the get_mmap_arena function,
which is used by VmMsyncRequest. Since Vm uses mutexes for cloning, it
can't return mem region references.
BUG=chromium:1077058
TEST=cargo test, cargo test -p sys_util, cargo test -p hypervisor
Change-Id: If257b16ee34d07820ae7ebdb9a3a598a41df013c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2202845
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Gurchetan Singh <gurchetansingh@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Gurchetan Singh <gurchetansingh@chromium.org>
Implemented get/set_pic/ioapic/pit functions for the KvmKernelIrqchip.
Added respective functions on KvmVm for interacting with the underlying
KVM API.
Added associated tests for get/set functions.
BUG=chromium:1077058
TEST=ran devices tests and added get/set function tests
Change-Id: I66a29828fe2f1fbdf54d7325656a003ac09e36d0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2219422
Reviewed-by: Udam Saini <udam@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
This trait handles the x86-specific features of an irqchip, including
getting and setting the state of the pic, ioapic, lapics, and pit.
Also includes an empty implementation of this trait for the
KvmKernelIrqChip.
BUG=chromium:1077058
TEST=cargo test -p devices
Change-Id: I36034661f4a2baedc7ac2b8f311cab6327afefba
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2197717
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Colin Downs-Razouk <colindr@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
When creating a file or directory the virtio-fs server changes its
effective uid and gid to the uid and gid of the process that made the
call. This ensures that the file or directory has the correct owner and
group when it is created and also serves as an access check to ensure
that the process that made the call has permission to modify the parent
directory.
However, this causes an EACCES error when the following conditions are
met:
* The parent directory has g+rw permissions with gid A
* The process has gid B but has A in its list of supplementary groups
In this case the fuse context only contains gid B, which doesn't have
permission to modify the parent directory.
Unfortunately there's no way for us to detect this on the server side so
instead we just have to rely on the permission checks carried out by the
kernel driver. If the server receives a create call, then assume that
the kernel has verified that the process is allowed to create that
file/directory and just create it without changing the server thread's
uid and gid.
Additionally, in order to ensure that a newly created file appears
atomically in the parent directory with the proper owner and group,
change the create implementation to use `O_TMPFILE` and `linkat` as
described in the open(2) manpage. There is no `O_TMPFILE` equivalent
for directories so create a "hidden" directory with a randomly generated
name, modify the uid/gid and mode, and then rename it into place.
BUG=b:156696212
TEST=tast run $DUT vm.Virtiofs
TEST=Create a test directory with group wayland and permissions g+rw.
Then run `su -s /bin/bash -c 'touch ${dir}/foo' - crosvm` and
`su -s /bin/bash -c 'mkdir ${dir}/bar' - crosvm`.
Change-Id: If5fbcb1b011664c7c1ac29542a2f90d129c34962
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2217534
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Now that the ioctl number method is const we can use a match statement
rather than a series of if-else expressions.
BUG=b:157189438
TEST=unit tests
Change-Id: I9839f2de842ec512811101c07445ca5f99f3fe2f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2214963
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
The Error type is not used, remove it.
Change-Id: Ibcc1328b62635dd62a666412eb0f56a8c2f4fc93
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2224013
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Tested-by: Dylan Reid <dgreid@chromium.org>
The original stated purpose of this trait was to reduce memory
allocations but having the `into_iovec` method return a Vec kind of
defeats that purpose.
Refactor the trait so that it can either convert a T into an iovec or
convert a &[T] into a &[iovec]. Implement the trait for VolatileSlice,
IoSlice, and IoSliceMut and update all the callers.
BUG=none
TEST=unit tests
Cq-Depend: chromium:2210272
Change-Id: I9d0d617a23030d241d50411f4a5a16e7cba4bcee
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2208527
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
