We currently use cargo features to modify the build process, which
makes them non-additive and prevents us from moving towards
using --all-features in the future.
To change build.rs behavior to integrate with downstream build
systems (e.g. use pkg_config only on chromeos) we will use the newly
added CROSVM_BUILD_VARIANT env variable. Currently only
used by ChromeOS, but not limited to it.
For now, CROSVM_BUILD_VARIANT=chromeos will prevent the
embedding of seccomp policies.
BUG=b:244618505
TEST=Test in combination with https://crrev.com/c/3923813
Change-Id: I2bfe999b5252740d57c73c4a85d73bd343c8259e
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3926325
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
This search/replace updates all copyright notices to drop the
"All rights reserved", Use "ChromiumOS" instead of "Chromium OS"
and drops the trailing dots.
This fulfills the request from legal and unifies our notices.
./tools/health-check has been updated to only accept this style.
BUG=b:246579983
TEST=./tools/health-check
Change-Id: I87a80701dc651f1baf4820e5cc42469d7c5f5bf7
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3894243
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Seccomp policy files will now pre-compile to bpf bytecode for
target architecture and embedded in the crosvm binary when not
built for chrome os.
When minijail is not checked out in crosvm tree as a submodule,
MINIJAIL_DIR environment variable needs to be specified for the
policy compiler to run.
Integration tests are now sandbox enabled for better coverage.
TEST=all tests passed, vm runs fine with sandbox on and no separate
policy files present. cros deploy & crostini still works.
BUG=b:235858187
FIXED=b:226975168
Change-Id: Ieaba4b3d7160ccb342a297ebc374894d19a8dc4d
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3824062
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Zihan Chen <zihanchen@google.com>
Commit-Queue: Zihan Chen <zihanchen@google.com>
This reverts commit a78f92cdb2.
Reason for revert: doesn't build on Chrome OS
Original change's description:
> crosvm: Embed seccomp filters into binary
>
> Seccomp policy files will now pre-compile to bpf bytecode for
> target architecture and embedded in the crosvm binary.
> When minijail is not checked out in crosvm tree as a submodule,
> MINIJAIL_DIR environment variable needs to be specified for the
> policy compiler to run.
>
> TEST=all tests passed, vm runs fine with sandbox on and no separate
> policy files present.
> BUG=b:235858187
>
> Change-Id: Ia801966df0a8adfdc4a80f5899e33121fe45e5f9
> Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3774318
> Reviewed-by: Dennis Kempin <denniskempin@google.com>
> Commit-Queue: Zihan Chen <zihanchen@google.com>
> Tested-by: Zihan Chen <zihanchen@google.com>
Bug: b:235858187
Change-Id: Ia81e43185d5f16bd061b6d0290befb4642c44548
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3813056
Tested-by: Junichi Uekawa <uekawa@chromium.org>
Commit-Queue: Junichi Uekawa <uekawa@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Seccomp policy files will now pre-compile to bpf bytecode for
target architecture and embedded in the crosvm binary.
When minijail is not checked out in crosvm tree as a submodule,
MINIJAIL_DIR environment variable needs to be specified for the
policy compiler to run.
TEST=all tests passed, vm runs fine with sandbox on and no separate
policy files present.
BUG=b:235858187
Change-Id: Ia801966df0a8adfdc4a80f5899e33121fe45e5f9
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3774318
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Zihan Chen <zihanchen@google.com>
Tested-by: Zihan Chen <zihanchen@google.com>
