The guest expects to be able to read the CPUID, so the plugin process
needs to specify what the CPUID for each VCPU will have.
TEST=cargo test --features plugin; ./build_test
BUG=chromium:800626
Change-Id: I9258540ab2501126c3d8cadbd09b7fc01d19f7a9
Reviewed-on: https://chromium-review.googlesource.com/906006
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Dirty logging is not necessary for every memory region, so the plugin
process should be able to specific exactly which regions it would like
dirty logging enabled for.
TEST=cargo test --features plugin
BUG=chromium:800626
Change-Id: I28b8285357e7de1c8c3a1392bdfdb4853ec5a654
Reviewed-on: https://chromium-review.googlesource.com/900294
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The MSRs are useful for booting a full operating system that requires
them.
TEST=cargo test --features plugin; cargo test -p kvm; ./build_test
BUG=chromium:800626
Change-Id: I817fbf3e6868c85b373808bd48e568b5b2b458eb
Reviewed-on: https://chromium-review.googlesource.com/897412
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
The debug registers are useful to access for the plugin process in some
cases.
TEST=cargo test --features plugin; cargo test -p kvm; ./build_test
BUG=chromium:800626
Change-Id: I8f3f6c31c6989061a43cef948cf5b4e64bd52d30
Reviewed-on: https://chromium-review.googlesource.com/896945
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This uses the same command line mechanism as the kernel command line
option. As a consequence, the Config field for the params is now a
vector of strings to accommodate potential whitespace in the individual
params.
TEST=cargo build --features plugin; ./build_test
BUG=chromium:800626
Change-Id: Ief20a55bf7ced23f64e5112e184dd714f050120a
Reviewed-on: https://chromium-review.googlesource.com/895415
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The plugin process is similar to a virtual device from the perspective
of crosvm. Therefore, the plugin process should be run in a jail,
similar to the other devices in crosvm.
TEST=cargo build --features plugin; ./build_test
BUG=chromium:800626
Change-Id: I881d7b0f8a11e2626f69a5fa0eee0aa59bb6b6be
Reviewed-on: https://chromium-review.googlesource.com/882131
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The plugin process is good for running a VM that depends substantially
on devices that aren't implemented inside of crosvm.
TEST=cargo build --features plugin; ./build_test
BUG=chromium:800626
Change-Id: I7b4f656563742cd0bedc837205dd1240d497941d
Reviewed-on: https://chromium-review.googlesource.com/869357
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This is the shared library used by the plugin process to speak to a
crosvm main process that spawned it.
TEST=cargo build --features plugin
BUG=chromium:800626
Change-Id: I100e7ddfc1099fbdf1462c171785a861e075d5d7
Reviewed-on: https://chromium-review.googlesource.com/869356
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Read only memory is useful for triggering VM exits when the VM writes to
memory while allowing reads transparently and quickly. For example, a
virtual device implementation might not care if the VM reads a memory
mapped device register, but a exit would be required if the VM wrote to
the same register.
TEST=cargo test -p kvm; ./build_test
BUG=chromium:800626
Change-Id: Ic605b2cfc2a1e44941d91945f9390b9abb820040
Reviewed-on: https://chromium-review.googlesource.com/903075
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This is used in the plugin process implementation, and it makes sense
that EventFd should have all the RawFd related traits.
TEST=./build_test
BUG=chromium:800626
Change-Id: Ic96623e169e4d9584a082628c1540ca6de709a16
Reviewed-on: https://chromium-review.googlesource.com/900488
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
usize isn't used in this test any more. Remove compiler warning.
Change-Id: I9493e22f563f2fc15532564ea57d70de593c4421
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/902778
Reviewed-by: Sonny Rao <sonnyrao@chromium.org>
VolatileMemory::size() now returns a u64, fix the doctest so it
compares the returned value with a u64.
BUG=none
TEST=cargo test --all -- --test-threads=1
Change-Id: If1ae94d83bfc1f2f995fd71bfdede324c162ab4e
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/902777
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Sonny Rao <sonnyrao@chromium.org>
We'll want architecture code to be able to supply and manipulate Linux
kernel command lines, so let's move this out to it's own crate and
export the interfaces.
BUG=chromium:797868
TEST=./build_test passes on all architectures
TEST=crosvm runs on caroline
Change-Id: I94904055ac02582a4f4d8bbb54d0f41ed14b955d
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/898351
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This slightly advances the use of fakes to test higher level
application logic. The fakes are rudimentary at this point, but I
wanted to get feedback on the addition of generics in order to
facilitate swaping concrete implementations out with fakes in higher
level code.
BUG=none
TEST=./build_test and
cargo test -p crosvm -p data_model -p syscall_defines -p kernel_loader
-p net_util -p x86_64 -p virtio_sys -p kvm_sys -p vhost -p io_jail -p
net_sys -p sys_util -p kvm
Change-Id: Ib64581014391f49cff30ada10677bbbcd0088f20
Reviewed-on: https://chromium-review.googlesource.com/689740
Commit-Ready: Jason Clinton <jclinton@chromium.org>
Tested-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Add a pkgconfig file and script to fix it up at build time.
Also fix extern "C" for the qcow_utils header.
BUG=chromium:806119
TEST=emerge-eve-kvm crosvm
Change-Id: Ib69d9e88b42d2f2c8661798c37537a4236e0506e
Reviewed-on: https://chromium-review.googlesource.com/891572
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
This C library will be use by the VM launcher to create the qcow2 files
used for persistent VM data.
CQ-DEPEND=CL:884263
BUG=none
TEST=cargo test --all -- --test-threads=1
Change-Id: Ibd7f71d2e3f1f72f781978f014865d2161f033f5
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/875116
We want to be able to run 64-bit ARM kernels using a 32-bit version of
crosvm, to make it more consistent use a u64 to represent
GuestAddress.
BUG=chromium:797868
TEST=./build_test passes on all architectures
TEST=crosvm runs on caroline
Change-Id: I43bf993592caf46891e3e5e05258ab70b6bf3045
Signed-off-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/896398
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Check the correct offset for divided writes. This was causing failures
with btrfs.
Add a unit test that checks for errors like this.
Change-Id: Ic29e6f02edf42aea19c4cbced2994c2259baf823
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/894469
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
The exec version of Minijail::fork is useful for running the heavily
sandboxed plugin process which is always passed in as a separate
executable by path.
TEST=./build_test
BUG=chromium:800626
Change-Id: Id31b7998f49d56a5bfbc978c1e1811dd54c5a323
Reviewed-on: https://chromium-review.googlesource.com/882130
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Don't allow AvailIter to loop forever if there is malformed input.
Making sure that the queue has less than queue_len entries prevents
array out of bounds panics when fuzzing.
Change-Id: Ibceadff19a1026bf5d68e05008c48ce9c85c52a3
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/882618
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
The kernel expects a pointer to a physical address, not a physical
address directly in the ioctl argument.
TEST=cargo test -p kvm
BUG=chromium:800626
Change-Id: I4a7298149373c00b5b9c634cd1dead7053d053c3
Reviewed-on: https://chromium-review.googlesource.com/893215
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
This really should have been added along with the poll timeout support,
which changed the syscalls used in every jailed device.
TEST=run crosvm with sandboxing enabled
BUG=None
Change-Id: I6129fa589640bb2b85fb4274775192bdd49db672
Reviewed-on: https://chromium-review.googlesource.com/890379
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
This header file defines the C API used to interface with crosvm as a
plugin process.
TEST=None
BUG=chromium:800626
Change-Id: Ie06b833e25dab8f31f64d8bc8b4b521b61d1ca04
Reviewed-on: https://chromium-review.googlesource.com/764267
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
These functions are very useful C-style type casting of byte buffers to
structs in a safe manner for types that implement DataInit.
BUG=None
TEST=None
Change-Id: I4c8e1b9f7f13da5a39b65f224b65f09f31d56f1c
Reviewed-on: https://chromium-review.googlesource.com/869354
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
When servicing requests from a soon to be killed plugin process, a
timeout for poll is needed so that the main process can force kill the
plugin if the plugin takes too long to exit gracefully.
TEST=./build_test
BUG=chromium:800626
Change-Id: Ief0e0b4f01146f85adaee0663bd8e5775c26c588
Reviewed-on: https://chromium-review.googlesource.com/865775
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This is used by the plugin process API, which may register an IRQ
routing table.
TEST=./build_test
BUG=chromium:800626
Change-Id: If40965e8abfb0c9074c90b5fc77f9042f06499e0
Reviewed-on: https://chromium-review.googlesource.com/857910
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Now that the crosvm user is part of the wayland group, we don't need to
explicitly set the group of the wayland process to wayland. This also
allows to drop CAP_SETUID and CAP_SETGID from the set of capabilities
granted to crosvm.
BUG=chromium:786663
TEST=Start a VM with graphics through crosvm
CQ-DEPEND=CL:885264
Change-Id: If0675f60a13314d35baca4657a637fd8c3998668
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/885245
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
For creating qcow files there needs to be the ability to save headers to
disk so they can be opened later.
Change-Id: Icf0134dd5ad3910c09f6e3766aca17ee003956c0
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/875115
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Allow an empty QcowHeader to be created. Later, this allows QcowFiles to
be created in addition to opened.
Change-Id: Ifcc2f8ed2a92054fb7b60999d401fb573e98aa73
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/875114
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Using qcow to allow for growable disk. These will be used for user data.
Change-Id: Iefb54eb4255db2ea7693db0020c5f1429acd73fd
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/862629
Reviewed-by: Stephen Barber <smbarber@chromium.org>
QCOW2 files will be used to store the VM's data on ChromeOS. Add
support for basic reading and writing of qcow files.
CQ-DEPEND=CL:872451
BUG=none
TEST=qcow unit tests and use "qemu-image check" to verify generated qcow
files.
Change-Id: I4b9e77e58edca69f894ede19e79ebd2cd7b2623e
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/862628
Reviewed-by: Stephen Barber <smbarber@chromium.org>
There's no need to provide direct access to /dev/random to all guests,
and we don't want them to be able to drain entropy from other VMs and
from the host itself.
BUG=chromium:800520
TEST=precq passes
Change-Id: I94ea0755123ee7479ca83c07525ca870d42c637f
Reviewed-on: https://chromium-review.googlesource.com/872890
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
For the callers of get_dirty_log, they must pass in bitmap large enough
to hold the log. Instead of duplicating that calculation inside the
method and the caller, this change provides a public helper usable by
both to calculate the bitmap's minimum size.
TEST=./build_test
BUG=chromium:800626
Change-Id: I349aa0dd7e78e7f9ea3d35ba0acba8088fd77a4e
Reviewed-on: https://chromium-review.googlesource.com/857909
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This is needed to support the plugin API, which might unregister such
eventfds.
BUG=chromium:800626
TEST=./build_test
Change-Id: Ic4e74ffd4b2374868644d1f6598509aba741ce00
Reviewed-on: https://chromium-review.googlesource.com/857908
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This will be very useful in tests that need a file as it removes the
need for a temporary file to be created.
Change-Id: I7fb08209174c870279e34ee07aad7a3b05baaad9
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/864625
Reviewed-by: Zach Reizner <zachr@chromium.org>
Allow block to take anything that satisfies the traits it uses. This
will allow for different backends to be used in addition to normal
files. The first new backend will be qcow2 added in subsequent commits.
Change-Id: I571ffc8ad4b5d56f286e134f47a60261d639b160
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/862627
Reviewed-by: Zach Reizner <zachr@chromium.org>
Add a top level fuzz directory. Other fuzz tests will be added here in
subsequent commits.
For now fuzzing must be run manually. Soon there will be a way to
extract the fuzz artifacts and upload them to cluster fuzz.
Change-Id: Iddfb55af78af6f412927b2221f22acb882069d36
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/850851
Reviewed-by: Zach Reizner <zachr@chromium.org>
There were a few places that used this to get the page size inside of an
unsafe block, For convenience, this adds a safe wrapper in sys_util and
replaces all extant usage of sysconf with the wrapper version.
BUG=chromium:800626
TEST=./build_test
Change-Id: Ic65bf72aea90eabd4158fbdcdbe25c3f13ca93ac
Reviewed-on: https://chromium-review.googlesource.com/857907
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This is used to make EventFd passed over unix domain socket, such as by
the plugin API.
TEST=./build_test
BUG=chromium:800626
Change-Id: Ifd6c81c51b31a376d57a007bf413a836f3af870a
Reviewed-on: https://chromium-review.googlesource.com/857906
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
TSYNC isn't particularly useful for the device jails since they start
with just a single thread. But a useful side effect of having minijail
use TSYNC is that instead of the default SECCOMP_RET_KILL_THREAD behavior,
minijail switches to SECCOMP_RET_TRAP and uses the default signal disposition
which dumps core.
Until SECCOMP_RET_KILL_PROCESS is available on all kernel versions with crosvm,
using TSYNC this way allows killing the entire device process instead of just
one thread. This ensures if seccomp kills a worker thread in a device, the
entire device process will die, and the crosvm main process will exit.
BUG=chromium:799523
TEST=add banned syscall to net device worker thread and ensure crosvm exits
Change-Id: Ie9ebfc90c79dcf49283cb2628dc8d4c848e8385b
Reviewed-on: https://chromium-review.googlesource.com/853302
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The memfd_create flags changed with "add memfd seal support", which
breaks the seccomp filter for the wayland device.
TEST=run a wayland app in crosvm
BUG=chromium:799523
Change-Id: I266e305bc3179a7b9fd105a684de92e944fe1fc6
Reviewed-on: https://chromium-review.googlesource.com/852937
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
The jail for the wayland device used chown to ensure that its jail had
the proper permissions for the wayland socket to be bind mounted into
it. This creates some unnecessary complexity because it requires
careful management of the user and group and crosvm runs as (a non-root
user cannot change the owner of a directory) or that crosvm has the
CAP_CHOWN capability.
Instead of trying to make the permissions fit, just have the jail mount
a small tmpfs over the jail's root directory. This is one of the things
that a process inside a user namespace has the ability to do. Bind
mounting the wayland socket into this tmpfs then just works without any
other issues.
BUG=chromium:799523
TEST=linux vm boots with no errors
Change-Id: Ic2240f430c7fd332a15b4fcd4e52374799eb6c9d
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/851413
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Add support for minijail_mount and minijail_mount_with_data. This will
be used by the jail for the wayland device.
BUG=none
TEST=filesystem is mounted inside the jail
Change-Id: I6ad9933d057e7642a7551a6a316ff65d3b95a9dd
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/851412
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This makes process cleanup difficult because minijail calls
setsid(), and that removes the devices from the main process's
process group.
BUG=chromium:799523
TEST=stop crosvm and ensure there are no zombies hanging around
Change-Id: I14c54cf250bdc7339970c886cdab9ff2f4b8a135
Reviewed-on: https://chromium-review.googlesource.com/852987
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Use ok_or to remove the match witch was harder to read. No functional
change. Pull the check in to a function so that it only needs to be
right once.
Change-Id: I0e5801d9e7e82994e7f1fbda0d2692a4afd59d99
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/850850
Reviewed-by: Zach Reizner <zachr@chromium.org>
The other functions in mmap check that the offset doesn't overflow. The
kernel_loader fuzzer found that read forgot to check.
Change-Id: Ifc89dbe40345c5923a5cf29c9f29e810e9e1a1e8
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/850542
Reviewed-by: Zach Reizner <zachr@chromium.org>
The syslog subsystem tries to figure out the file descriptor for the
connection to the system logger so that it can ensure that it doesn't
get closed in each device process.
However, the check does not work properly if there was already an open
connection to the system logger. In this case the openlog call does not
do anything and we end up guessing the wrong file descriptor number for
the syslog connection.
Work around this by adding a closelog() call before attempting all of
this cleverness. In the long run this should be fixed properly by just
bind mounting /dev/log into each device process's jail.
BUG=none
TEST=Running crosvm under minijail0 does not cause an InvalidFd error.
Change-Id: Iffd535d62acdf8053817af74b9e97444c746a0cf
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/851271
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Getting and settings seals is useful to ensure the size of files
underlying memory mappings doesn't shrink, which can trigger a SIGBUS on
access to the truncated pages.
This also bumps the libc version to get MFD_ALLOW_SEALING.
TEST=cargo test
BUG=None
CQ-DEPEND=CL:850535
Change-Id: Ifbe1ec2c47d3d5c51b63472f545acc10d3c8eed2
Reviewed-on: https://chromium-review.googlesource.com/849488
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
