Re-generated the bindings for x86_64 and arm which now use union types
so a little bit of code in the library also changed, and adds bindings
for aarch64 which are required to run an aarch64 guest.
Also, I manually fixed the zero-length array cases where rust bindgen
doesn't properly align the structs. See rust bindgen bug 684.
BUG=chromium:797868
TEST=run crosvm on x86_64, ensure networking works
TEST=./build_test passes on x86
Change-Id: Iab2193a8f1d4c68bd3346ae683c74bbf16fe45d4
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/845519
Reviewed-by: Zach Reizner <zachr@chromium.org>
The balloon device is used to take regions of unused memory from the
guest and allow other host processes to use that memory.
Change-Id: I06c821365a58672d605fc7555beaec599cae1b15
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/759306
Reviewed-by: Stephen Barber <smbarber@chromium.org>
This is to clearly separate the Linux VM setup code from main's argument
parsing logic. This will also make it easier to add other kinds of VM
setup code without littering main or the Linux setup sequence.
BUG=None
TEST=./build_test; cargo run
Change-Id: I8e28720df760357cf00c9711ca5f1f8d6c077844
Reviewed-on: https://chromium-review.googlesource.com/823610
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
/var/empty always exists on cros devices and is commonly used by recent
minijail configs throughout the system. Using it here saves several
variables and removes some error paths.
Leave the wayland root as it needs to be owned by the wayland group.
Change-Id: I261915f4419cadb3f121e9c423c79e467b014700
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/816536
Reviewed-by: Zach Reizner <zachr@chromium.org>
Add functions to let the kernel know a given range of memory isn't
needed currently. This function will result in `madvise(DONTNEED)`.
The ability to signal memory as not needed will be used by the balloon
driver to allow system memory to be redistributed away from the VM.
Change-Id: I4ca56e09010eec33989824f5738db4a4be0ec428
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/759305
Reviewed-by: Zach Reizner <zachr@chromium.org>
Recent Linux kernel's fail to start if the mptable is at the start of
RAM (address 0x00). Avoid putting the mptable there so that crosvm can
boot 4.14+ kernels. The kernel scans the last kilobyte of RAM after the
first, move the mptable there.
Change-Id: Ia00f49e7a4cbd0fb3719c21b757e8fdca65584e8
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/780045
Making the project a workspace allows running all local libs unit tests
from the main build.
Change-Id: Ib531dd10c21f324c7d25af69ad12b95c7bc8f3bc
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/759597
Reviewed-by: Zach Reizner <zachr@chromium.org>
The table grew with the addition of the 16 mpc_intsrc structures.
Correct the `compute_mp_size` function, the end check, and add a unit
test for the not having enough memory.
Change-Id: I1ff268629a47a422f50aefef9d6aa95121b94d59
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/777710
Reviewed-by: Slava Malyugin <slavamn@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
There were remnants of using `minijail_enter`, switch them to
`minijail_fork`.
Change-Id: I5c695cbc3bfd6868f25f46f785a2f96391744d90
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/759598
Reviewed-by: Stephen Barber <smbarber@chromium.org>
On older kernels, the memfd_create syscall isn't available. Skip shm
tests if that is the case.
Change-Id: I39c1f1779f1f02e90df727c6ca18b5bdae52e855
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/768102
Reviewed-by: Stephen Barber <smbarber@chromium.org>
The mptable inherited from kvmtool had some missing pieces. On top of that,
crosvm does not use KVM_SET_GSI_ROUTING. The addresses makes mptable match
the default routing in host kernel and removes "noapic".
TEST=cargo build (--release). tatl boot tested on 4.4.0 and 4.4.9
Change-Id: Ibc55abf245cd9d8fca601da204d5a189321c09c7
Reviewed-on: https://chromium-review.googlesource.com/772820
Commit-Ready: Slava Malyugin <slavamn@google.com>
Tested-by: Slava Malyugin <slavamn@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This change is to support a related kernel change but is backwards
compatible with kernels without that change.
BUG=chromium:782474
TEST=None
Change-Id: Ic1224b65ed9685f246002f946cfc6bfa2dbb2856
Reviewed-on: https://chromium-review.googlesource.com/770593
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Suspend/resume can cause syscall restarts and will cause KVM_RUN ioctls
to return with EINTR. Handle these so the VM doesn't shut down.
BUG=none
TEST=vm survives suspend/resume
Change-Id: I1fab624cb8fe0949d341408f0c962c859a034205
Reviewed-on: https://chromium-review.googlesource.com/750054
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This also updates the `build_test.py` to use the command line option to
run certain certain test modules serially.
TEST=./build_test
BUG=None
Change-Id: I8a498514cb6b89fab01f02d0ef8faf39629f717c
Reviewed-on: https://chromium-review.googlesource.com/748824
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
If reading from stdin returns EOF or an error, remove it from the list
of pollables.
BUG=none
TEST=`vm_launcher start` and check that crosvm no longer pegs CPU
Change-Id: I7971058701e6145884de9c52a8dd5b829373637b
Reviewed-on: https://chromium-review.googlesource.com/745961
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
crosvm spawns a lot of processes/threads, and having these all use the same
name as the original process can be confusing. So at least in the instances
where Rust threads are spawned (vs. minijail_fork()), use a thread::Builder
to allow setting the thread name.
BUG=none
TEST=start crosvm, check thread names with top
Change-Id: I6e55ff5fd60f258880bda8e656ab7f9da82c656e
Reviewed-on: https://chromium-review.googlesource.com/742394
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
There is a low limit on the maximum memory slot number imposed by the
kernel. On x86_64, that limit is 509. In order to delay hitting that
limit, we attempt to use the lowest unused slot number. As memory
regions are removed from the VM, the slot for that region is stored in a
heap so that that slot number can quickly be reused next time a memory
region is added.
BUG=None
TEST=finish a game of gnome-mahjong using virtio-wayland
Change-Id: I786c2e2b8ff239c19b3c8a18bd0f6e8f8dc2acbf
Reviewed-on: https://chromium-review.googlesource.com/740102
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Add a wayland-sock argument for specifying the path to the
wayland socket. Also add a wayland-group argument for specifying
the group that has access to that socket.
BUG=none
TEST=crosvm starts with wayland
Change-Id: I3e53eb697951200340613663dc3e4ed28d8ed7f8
Reviewed-on: https://chromium-review.googlesource.com/733732
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Using minijail_fork removes the need to manage user and pid namespace
explicitly in crosvm and removes some parent/child synchonization
requirements too.
Change-Id: I47f9d39527d0a3ccf625600e9bfc2cccc3cb27ca
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/719443
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Since /var/run is a symlink to /run, and we want to avoid going
through the stateful /var whenever possible, use the direct path.
BUG=chromium:699880
TEST=precq passes
Change-Id: I5d95f5358c1fb0cb2ca73f9c4b145d8e36b4a361
Reviewed-on: https://chromium-review.googlesource.com/734225
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Mutable references being declared mutable themselves is unnecessary and
now generates a warning.
Change-Id: I29c7652fb86e17a8eda21efc728dd09b726c304f
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/717733
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Moving the devices to their own module makes it easier to add tests that
use them.
Change-Id: I61bfef4037d16b20145b5fddce604835cdc4f67b
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/706559
Reviewed-by: Zach Reizner <zachr@chromium.org>
Break out vm_control to a crate that will be able to used by more
modules. Having vm_control usable from outside crosvm makes it possible
to move the devices out of crosvm in a later commit.
Change-Id: I1f060700ed49b5d77519d55efa2430490d521256
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/706558
Reviewed-by: Zach Reizner <zachr@chromium.org>
Change the default option to use a sanboxxed process for each device.
The old behavior can be re-enabled with the `--disable-sandbox` flag.
Change-Id: I65762a6cb52afac210fc0e683d999f20fe67a57e
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/696715
Reviewed-by: Zach Reizner <zachr@chromium.org>
The other options all user hyphens.
Change-Id: I7f0ab307fd5e50deea8c276bc7a73e43cf692195
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/696714
Reviewed-by: Stephen Barber <smbarber@chromium.org>
All seccomp policy files get installed in /usr/share/policy on chrome
os. Load the virtio device seccomp policy files from there as well.
BUG=none
TEST=run crosvm under strace -e trace=open and verify that it is loading
the policy files from /usr/share/policy
Change-Id: I87fa3c57babfd256fb1ac1a827337a95e9c003ad
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/630059
Commit-Ready: Dylan Reid <dgreid@chromium.org>
Tested-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
To ensure dependencies don't accidentally get updated, their versions are
fixed using the equals constraint. The Cargo.lock file is also checked in
so that the registry won't need to be downloaded by cargo.
These changes are needed so that the crosvm ebuild will not need to
download anything outside of its list of source packages.
TEST=./build_test
BUG=None
Change-Id: Iae8472de77e3589a453685717b26fb1ceb44e257
Reviewed-on: https://chromium-review.googlesource.com/674092
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The compiler was complaining about std::fmt::Debug being an unused
import. Remove the import.
BUG=none
TEST=build_test and see no warnings about unused imports
Change-Id: I5e606982dffee575b3048b6c45cb5222e63ae3dc
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/669305
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Implement the virtual sockets device using vhost subsystem of the host
kernel to handle data transfer.
BUG=chromium:708267
TEST=build and run maitred in guest VM without issue
Change-Id: I35b542c0fc7e0fd9296f7ba3e1dfce60bf524d15
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/638838
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Pass better errors from mmap and guest_memory. These modules were
written before I understood errors. Now the errors passed back to block
can be propagated.
Change-Id: I1842808a4114a715321c555281aacc211f23511c
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/656837
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This fakes out the underlying Net implementation with FakeNet to try
and get some of the code a little further along before it
explodes. Then, we test for known failures when running without a real
vhost file descriptors.
This allows us to pass without running as root as we would expect
running on Paladins.
This is also the final module that was failing at ToT.
Also adds vhost to the build_test test targets.
BUG=none
TEST=Run unit tests:
cargo test -p crosvm -p data_model -p syscall_defines -p kernel_loader -p net_util -p x86_64 -p virtio_sys -p kvm_sys -p vhost -p io_jail -p net_sys -p sys_util -p kvm
Also ran ./build_test
Change-Id: Ie12d05c044634a660a234483532cf783e2a7fe84
Reviewed-on: https://chromium-review.googlesource.com/656278
Commit-Ready: Jason Clinton <jclinton@chromium.org>
Tested-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
This adds the virtio wayland device which is activated by default. The wayland
device needs the XDG_RUNTIME_DIR env variable to be set and a running wayland
compositor to connect to in that directory.
TEST=crosvm run <other args>
BUG=chromium:738638
Change-Id: Iaa417c6bb74739896042318451b4befcac0c1d0e
Reviewed-on: https://chromium-review.googlesource.com/559860
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This CL includes a small tweak to sys_util so that cloned processes PIDs
are returned.
The proxy device CHILD_SIGNATURE check was removed because it would
deadlock with the synchronization that DeviceManager's post clone
callback uses to wait for the id maps to be set. The check wasn't that
useful to begin with.
This also bumps the libc version.
TEST=None
BUG=None
Change-Id: I881e08c9626e035044b0be1dd2e9fff3e7e61ec1
Reviewed-on: https://chromium-review.googlesource.com/634270
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
We can't really mock out the underlying TAP ioctls unless we introduce
another layer of abstraction. Instead, this CL allows a test to pass
if the reason that it failed was a permission denial as we would
expect running on Paladins as non-root.
Also adds net_util to the build_test test targets.
BUG=none
TEST=Run unit tests:
cargo test -p crosvm -p data_model -p syscall_defines -p kernel_loader -p net_util -p x86_64 -p virtio_sys -p kvm_sys -p vhost -p io_jail -p net_sys -p sys_util -p kvm
Also ran ./build_test
Change-Id: I5c761bd75d3a6d5829f4dd07fb8031612944e912
Reviewed-on: https://chromium-review.googlesource.com/649958
Commit-Ready: Jason Clinton <jclinton@chromium.org>
Tested-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
This is so future changes can use getresuid/setresuid and similar
syscalls.
BUG=chromium:738638
TEST=./build_test
Change-Id: I47765fa1f45c549d8e148d02655dd61993a10f58
Reviewed-on: https://chromium-review.googlesource.com/655143
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
By using libc's openlog, we can ensure that the internal state of the
libc syslogger is consistent with the syslog module. Minijail will be
able to print to stderr and the syslog in the same way the logging
macros in crosvm do. The FD the syslog module uses is shared with libc
and via `syslog::get_fds`, jailed processes can inherit the needed FDs
to continue logging.
Now that `sys_log::init()` must be called in single threaded process,
this moves its tests to the list of the serially run ones in
build_test.py.
TEST=./build_test
BUG=None
Change-Id: I8dbc8ebf9d97ef670185259eceac5f6d3d6824ea
Reviewed-on: https://chromium-review.googlesource.com/649951
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
By inheriting stderr, logs from minijail and the logging macros can be
seen in the stderr of crosvm, which is convenient for debugging.
BUG=None
TEST=None
Change-Id: I6d6506776add780b243da50e635c25d27a8976ce
Reviewed-on: https://chromium-review.googlesource.com/649952
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Running crosvm in multiprocess mode includes setting up an io_jail for
each device and it can very often fail due to problems in the
enviroment, such as missing policy files or lack of privilege. The auto
generated debug error messages were not very good (based on initial user
feedback) and so this CL implements display to help make the errors more
understandable when they are printed.
BUG=None
TEST=./build_test
Change-Id: If51c00e60abb9b0d482515fa1e401f2fa6fb9e8f
Reviewed-on: https://chromium-review.googlesource.com/649950
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This removes the clap dependency by replacing that functionality with a
custom written parser. Binary size is reduced by about 60% in optimized
and stripped mode.
TEST=cargo run -- run -h
BUG=None
Change-Id: I2eaf6fcff121ab16613c444693d95fdf3ad04da3
Reviewed-on: https://chromium-review.googlesource.com/636011
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
These copy functions are functionally similar to read_from and write_to,
but have stronger guarantees because they are copying to/from concrete
slices. In particular, the volatile access pattern is specified and the
copy operation never returns an error.
TEST=cargo test
BUG=chromium:738638
Change-Id: Ie10152e10bc8a36058f5d5001ff392ff8975ee36
Reviewed-on: https://chromium-review.googlesource.com/599043
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
