The memfd_create flags changed with "add memfd seal support", which
breaks the seccomp filter for the wayland device.
TEST=run a wayland app in crosvm
BUG=chromium:799523
Change-Id: I266e305bc3179a7b9fd105a684de92e944fe1fc6
Reviewed-on: https://chromium-review.googlesource.com/852937
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>

The balloon device is used to take regions of unused memory from the
guest and allow other host processes to use that memory.
Change-Id: I06c821365a58672d605fc7555beaec599cae1b15
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/759306
Reviewed-by: Stephen Barber <smbarber@chromium.org>

Suspend/resume can cause syscall restarts and will cause KVM_RUN ioctls
to return with EINTR. Handle these so the VM doesn't shut down.
BUG=none
TEST=vm survives suspend/resume
Change-Id: I1fab624cb8fe0949d341408f0c962c859a034205
Reviewed-on: https://chromium-review.googlesource.com/750054
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>

crosvm spawns a lot of processes/threads, and having these all use the same
name as the original process can be confusing. So at least in the instances
where Rust threads are spawned (vs. minijail_fork()), use a thread::Builder
to allow setting the thread name.
BUG=none
TEST=start crosvm, check thread names with top
Change-Id: I6e55ff5fd60f258880bda8e656ab7f9da82c656e
Reviewed-on: https://chromium-review.googlesource.com/742394
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>

Implement the virtual sockets device using the vhost subsystem of the host
kernel to handle data transfer.
BUG=chromium:708267
TEST=build and run maitred in guest VM without issue
Change-Id: I35b542c0fc7e0fd9296f7ba3e1dfce60bf524d15
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/638838
Reviewed-by: Stephen Barber <smbarber@chromium.org>

This adds the virtio wayland device which is activated by default. The wayland
device needs the XDG_RUNTIME_DIR env variable to be set and a running wayland
compositor to connect to in that directory.
TEST=crosvm run <other args>
BUG=chromium:738638
Change-Id: Iaa417c6bb74739896042318451b4befcac0c1d0e
Reviewed-on: https://chromium-review.googlesource.com/559860
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

By using libc's openlog, we can ensure that the internal state of the
libc syslogger is consistent with the syslog module. Minijail will be
able to print to stderr and the syslog in the same way the logging
macros in crosvm do. The FD the syslog module uses is shared with libc
and via `syslog::get_fds`, jailed processes can inherit the needed FDs
to continue logging.
Now that `sys_log::init()` must be called in a single-threaded process,
this moves its tests to the list of the serially run ones in
build_test.py.
TEST=./build_test
BUG=None
Change-Id: I8dbc8ebf9d97ef670185259eceac5f6d3d6824ea
Reviewed-on: https://chromium-review.googlesource.com/649951
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

We will almost certainly require different seccomp policy files for
different architectures. Move all the existing seccomp policy files
into a common directory grouped by architecture.
This will make it easier to install them via the ebuild later.
BUG=none
TEST=none
Change-Id: I0495789cd4143dc374ee6ebe083dc20ce724edbb
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/630058
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>