Now that there are no users of that interface, we should remove it.
TEST=./build_test
BUG=chromium:816692
Change-Id: Ifdbde22984f557b945e49559ba47076e99db923b
Reviewed-on: https://chromium-review.googlesource.com/1000103
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The wl device was the last user of the old Poller.
BUG=chromium:816692
TEST=run wayland under crosvm
Change-Id: I6c1c1db2774a6e783b7bd1109288328d75ad2223
Reviewed-on: https://chromium-review.googlesource.com/1000102
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Making a copy of PollEvents is useful to drop the PollEvents structure
which borrows from a PollContext. Even though immutably borrowing from a
PollContext does not prevent any operations on a PollContext, it does
prevent mutable method calls on any structure that owns PollContext.
TEST=None
BUG=chromium:816692
Change-Id: I9527fd5c122a703933deb973ad549b792226e4c6
Reviewed-on: https://chromium-review.googlesource.com/1000101
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Add a seccomp policy for virtio wayland devices on aarch64.
BUG=chromium:797868
TEST=./build_test passes on all architectures
TEST=crosvm runs on kevin built with USE="kvm_host" with a
wayland socket passed in
Change-Id: I89e9904b48598d78be0721ba8b3242d1b43f7aa3
Reviewed-on: https://chromium-review.googlesource.com/999169
Commit-Ready: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Pipe VFDs are used to send and recieve data offer bytes, often used for
copy/paste and drag/drop operations.
TEST=use copy/paste with wayland app
BUG=chromium:793688
Change-Id: Ifc3f231dcdf90ce6791a98039405c7c404cf6942
Reviewed-on: https://chromium-review.googlesource.com/983037
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Concierge needs to be able to pass open file descriptors to crosvm when
crosvm is executed. Use /proc/self/fd to communicate that a file is
already open. This will allow passing open FDs to concierge over D-BUS
and avoid giving the crosvm user permission to open files in different
parts of the system.
BUG=827705
TEST=Start VM with persistent storage on a USB device.
Change-Id: I1c56eeb11f95f32e235f3486eb04581851c41d90
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/991094
Reviewed-by: Zach Reizner <zachr@chromium.org>
This avoids the pitfalls of Poller, which required dynamic allocation on
every loop for the dynamically added Pollables. Using PollContext also
makes busy poll loops less silent.
TEST=run a linux vm
BUG=chromium:816692
Change-Id: If44e47bcbbd7c889399f957ad5bcca66eca57b8e
Reviewed-on: https://chromium-review.googlesource.com/983038
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Switching to PollContext so that there is one less user of Poller, which
will be removed.
TEST=run any vm with a block device
BUG=chromium:816692
Change-Id: I2e1301ea9d66012262f1fcb69eaeee9f7464f3b3
Reviewed-on: https://chromium-review.googlesource.com/983036
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
This will be useful for diagnosing crosvm crashes which are most often
caused by seccomp killing a device process.
TEST=delete a seccomp filter, run crosvm, check for blocked syscall in
/var/log/messages
BUG=None
Change-Id: I1e01a0794f0349e6ad9b101eb2e32320f60b1283
Reviewed-on: https://chromium-review.googlesource.com/994737
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
This fixes an issue on kevin where if we start on a little core, the
kernel doesn't like the generic ARMv8 target cpu type for some reason. To
fix this we must query the preferred type from the vm device first and
supply that to the vcpu init ioctl.
We need to change the signature of the configure_vcpu method to pass
in the vm object even though we aren't using it on x86.
BUG=chromium:797868
TEST=./build_test passes on all architectures
TEST=crosvm runs on kevin
Change-Id: I460cb9db62a8805bb88f838956aa4f1c69183961
Reviewed-on: https://chromium-review.googlesource.com/982996
Commit-Ready: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
- removes old ARMv7a (32-bit) bindings as we're only supporting aarch64
guests right now
- switches both ARMv7 and aarch64 builds to use aarch64 kvm bindings
- adds support for ARMv8 Linux guest with dynamic flattened-device-tree
CQ-DEPEND=990894
BUG=chromium:797868
TEST=./build_test passes on all architectures
TEST=crosvm runs on caroline
TEST=crosvm runs on kevin built with USE="kvm_host"
Change-Id: I7fc4fc4017ed87fd23a1bc50e3ebb05377040006
Reviewed-on: https://chromium-review.googlesource.com/969987
Commit-Ready: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
The mmaps made through the sys_util API are usually for guest memory or
other large shared memory chunks that will pollute the file system with
huge dumps on crash. By using MADV_DONTDUMP, we save the file system
from storing these useless data segments when crosvm crashes.
TEST=./build_test
BUG=None
Change-Id: I2041523648cd7c150bbdbfceef589f42d3f9c2b9
Reviewed-on: https://chromium-review.googlesource.com/890279
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
This change allows plugin to retrieve and set various VM and VCPU states:
interrupt controller, PIT, LAPIC and MP state.
BUG=b:76083711
TEST=cargo test -p kvm
Change-Id: Ie32a67b0cd4a1f0a19ccd826a6e1c9dc25670f95
Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/986511
Reviewed-by: Zach Reizner <zachr@chromium.org>
The KVM API to fetch interrupt controller state expects caller to supply
number (id) of the interrupt controller number in which state the caller
is interested. To allow crosvm to fetch the correct state and to improve
type safety we split the API into one that handles the PIC (primary and
secondary) and the one that handles IOAPIC.
BUG=b:76083711
TEST=cargo test -p kvm
Change-Id: Ia45b51cb218072a275c244af2de1b4a73a1d3352
Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/986510
Reviewed-by: Zach Reizner <zachr@chromium.org>
Files are Pollable because they have an FD. Whether this makes sense for
any specific `File` is not enforced, but it will never be unsafe or
undefined when used with Poller.
BUG=chromium:793688
TEST=None
Change-Id: I2ce7ffd1b408bcee5ffbb3738d26339aa0c466e0
Reviewed-on: https://chromium-review.googlesource.com/985617
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
If POLLHUP is filtered out of the returned tokens, the caller of
Poller::poll will likely just put the same (token, fd) in the next call
to poll which will return instantly. This degrades into a busy poll loop
without the chance for the caller to change the poll list.
Instead, this change changes the filter to return tokens on POLLHUP so
that the caller will hopefully notice the FD associated with the token
has been hungup and will close it.
BUG=chromium:816692
TEST=None
Change-Id: Ie36d8a647a5fd7faabfd57a562205f75c77991e7
Reviewed-on: https://chromium-review.googlesource.com/985616
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The only instance of libstd getting file flags is the debug formatter
for `File` which would be hacky to depend on. This change adds a type
and method to directly get open file flags.
TEST=cargo test -p sys_util
BUG=chromium:793688
Change-Id: I9fe411d8cb45d2993e2334ffe41f2eb6ec48de70
Reviewed-on: https://chromium-review.googlesource.com/985615
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
The documentation for the SystemEvent exit reason needs to specify
the positions for the two fields.
BUG=chromium:797868
TEST=./build_test passes on all architectures
Change-Id: Ida98ba4a6b383a1c10fa48356decc1c5264999ec
Reviewed-on: https://chromium-review.googlesource.com/986721
Commit-Ready: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
We were setting LME (Long Mode Enabled) but not LMA (Long Mode Active).
New kernels have a check in the kvm code that disallows this brokenness.
Change-Id: Ic8950c8748ead81201223c19404fdd2c8d80f7dc
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/985733
Reviewed-by: Zach Reizner <zachr@chromium.org>
ARM systems don't have an exit event fd like x86, instead one of the Vcpus
will exit with the SystemEvent reason and put a code into the kvm run
union of either shutdown, reboot, or crash. We currently don't handle
reboot or crash differently but can do so in the future.
BUG=chromium:797868
TEST=./build_test passes on all architectures
TEST=crosvm runs on kevin - manually test shutdown via maitred
Change-Id: I455cbe1ac653f61a1e9eae1ce22922d14cff4e3c
Reviewed-on: https://chromium-review.googlesource.com/982531
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This is useful to get the total size of memory without having to write
something that iterates over the regions explicitly.
BUG=chromium:797868
TEST=./build_test passes on all architectures
TEST=crosvm runs on caroline
Change-Id: Iac9a341b4c41d6462cf731f6267b92a0169578e4
Reviewed-on: https://chromium-review.googlesource.com/977565
Commit-Ready: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
The official name is "crosvm", not "CrOSVM".
BUG=None
TEST=None
Change-Id: I21f200d8224c9a8fee53011a63ff4ad165128904
Reviewed-on: https://chromium-review.googlesource.com/976941
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
The kernel driver currently short circuits the check for empty queue
entries if the entry arrives empty. Ordinarily the check is run every
time data is taken out of a queue entry and would recycle the entry once
empty. The short circuiting is being fixed in the kernel, but this
device change fixes the unnecessary empty queue entries from happening
in the first place.
BUG=chromium:791724
TEST=test code from the BUG
Change-Id: I5b72aac843def052bfe1234dfbde236274ae02bb
Reviewed-on: https://chromium-review.googlesource.com/974883
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Calculate the number of bits necessary to represent the enum variant
using the next_power_of_two() and trailing_zeros() functions from the
primitive usize type.
Also add a test to ensure that the returned value is correct when there
is only one variant in the enum.
BUG=none
TEST=unit tests
Change-Id: Ibd15efd4f06e17a74489fee04ff19aca0dde68b2
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/959624
Reviewed-by: Zach Reizner <zachr@chromium.org>
This creates a trait that different architectures can implement to
support running Linux VMs.
In the implementation on X86 we remove some error and return errors
from lower-level modules as appropriate. These modules now implement
the Error trait so we can get meaningful descriptions without an extra
error from the calling function. This still keeps all the ifdefs in
linux.rs for now until we have another implementation to use for ARM.
BUG=chromium:797868
TEST=./build_test passes on all architectures
TEST=crosvm runs on caroline
Change-Id: If24bcc83e25f9127d6aea68f9272e639296aad8b
Reviewed-on: https://chromium-review.googlesource.com/952368
Commit-Ready: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This is useful for describing errors that we pass up.
BUG=chromium:797868
TEST=build_tests passes on all architectures
TEST=crosvm runs on caroline
Change-Id: Ied456015e74830d3f1f465fca1151682c9148eb5
Reviewed-on: https://chromium-review.googlesource.com/961603
Commit-Ready: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
We don't use this particular constant on non-x86 builds, so let's
leave it out if when it's not needed.
BUG=chromium:797868
TEST=build_test passes
TEST=crosvm runs on caroline
Change-Id: Ic752f9ae33d577d78c7df282e9803936aa181504
Reviewed-on: https://chromium-review.googlesource.com/952166
Commit-Ready: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This change simplifies plugin processing by removing the awkward
run_until_started loop. This also switches to use PollContext instead
of the Poller/Pollable interface, which required reallocating a Vec
every loop to satisfy the borrow checker.
TEST=cargo test --features plugin
BUG=chromium:816692
Change-Id: Iedf26a32840a9a038205c4be8d1adb2f1b565a5c
Reviewed-on: https://chromium-review.googlesource.com/938653
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Having qcow clippy clean will make us more likely to see important
warnings.
Change-Id: I3ce08f50eb73f2291c56dc8fe06dd378eb3dcf93
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/954404
Reviewed-by: Zach Reizner <zachr@chromium.org>
To ensure that we do not miss pause request sent while we were in paused
state, or were exiting paused state, let's start using
KVM_SET_SIGNAL_MASK. SIGRTMIN() + 0 signal will be blocked and thus is
not delivered, and it will only be checked when KVM_RUN is being
executed, reliably interrupting KVM_RUN.
TEST=cargo test --features plugin; cargo test -p kvm; ./build_test
BUG=chromium:800626
Change-Id: Iae67a411c23c2b14fbfcbc7d53d0bc86ec4b67d9
Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/944850
Reviewed-by: Zach Reizner <zachr@chromium.org>
Linux kernel expects size of sigset passed in through KVM_SET_SIGNAL_MASK
ioctl to be exactly 8, but Rust's sigset size is 128 bytes, so we can
not use sizeof to set up the size.
Also let's add test set_signal_mask().
TEST=cargo test --features plugin; cargo test -p kvm; ./build_test
BUG=chromium:800626
Change-Id: Ica757ad63d6754d5c8008ba1735982c7ca026f33
Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/944849
Reviewed-by: Zach Reizner <zachr@chromium.org>
This should be the number of bits (1 << order) divided by bits per byte.
BUG=none
TEST=cargo test
Change-Id: I201dbaf21d13a82af6bcb493ba5f3b62c89286fa
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/954348
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Clippy only has 6 lints that are defaulted to deny, which this CL fixes.
The first step to running clippy and establishing our own set of default
deny lints, is to ensure we aren't running afoul of the most common
deny lints.
BUG=None
TEST=cargo clippy --all
Change-Id: I225801357d76a8a9e246e3842bc9bf550fcd7207
Reviewed-on: https://chromium-review.googlesource.com/952045
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
We have decided that API defined in crosvm.h should signal errors by
returning negative values derived from common errno error codes. To
avoid confusion within the rest of crosvm code that is using positive
erro codes, let's perform the conversion to negative on that crosvm API
boundary, so it is contained.
TEST=cargo test --features plugin
BUG=None
Change-Id: Icb1e719c8e99c95fdc32dce13a30d6ff8d3d9dc7
Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/947563
Reviewed-by: Zach Reizner <zachr@chromium.org>
This change was overwritten yet again by a bad rebase. In this case it
was CL:942084.
TEST="crosvm run -s" with socket and then subsequent "crosvm stop"
causes the running VM to be shutdown
BUG=811749
Change-Id: I04d9b71b6eeef494eb0ffcd86c7bc71a86730a19
Reviewed-on: https://chromium-review.googlesource.com/951981
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Robert Bradford <robert.bradford@intel.com>
Reviewed-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Using an enum implementing PollToken is the recommended way to use
PollContext, but writing the trait impls for each enum is mechanical yet
error prone. This is a perfect candidate for a custom derive, which
automates away the process using a simple derive attribute on an enum.
BUG=chromium:816692
TEST=cargo test -p sys_util
Change-Id: If21d0f94f9af4b4f6cef1f24c78fc36b50471053
Reviewed-on: https://chromium-review.googlesource.com/940865
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
A common cause of silent 100% CPU usage on otherwise idle VMs is because
some poll loop is waiting on sockets that were hung up on. An unrelated
issue is that using the Poller interface requires dynamic allocation on
every poll call for dynamically sized poll lists.
The PollContext struct detects and warns about the first problem at runtime
and solves the latter problem.
TEST=cargo test -p sys_util
BUG=chromium:816692
Change-Id: I42a9c961db07191d25bcba77c5136f5729400ec9
Reviewed-on: https://chromium-review.googlesource.com/933870
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Errno-based error codes are positive and turning them into negatives is
Linxu kernel internal convention. Let's not do this so we do not confuse
the signedness of errors coming from crosvm code and system libraries.
TEST=cargo test --features plugin
BUG=None
Change-Id: Ia89f0b78ad1d2bb30a2f427593f13ebfb548b2b0
Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/947562
Reviewed-by: Zach Reizner <zachr@chromium.org>
On ARM we need to set up all CPUs before we can initialize the
interrupt controller, which is unfortunately the opposite of the
required ordering on X86. This separates out the creation of the
VCPUs and puts their FDs into a vector and then launches threads from
that vector later on in the setup sequence.
BUG=chromium:797868
TEST=./build_test passes on all architectures
TEST=crosvm runs on caroline
Change-Id: I108234efd6c53c4681531701c107a11e42c029f5
Reviewed-on: https://chromium-review.googlesource.com/947462
Commit-Ready: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Sonny Rao <sonnyrao@chromium.org>
