mirrors/crosvm
1
0
Fork 0
mirror of https://chromium.googlesource.com/crosvm/crosvm synced 2025-02-06 18:38:01 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
2026 commits 607 branches 2 tags 236 MiB
Commit graph

12 commits

Author SHA1 Message Date
Daniel Verkamp
8ef81401dd devices: virtio: block: fix arm fcntl syscall 
The arm version of libc uses the fcntl64 syscall (0xdd); update the
seccomp policy to match the other arm policies.

BUG=chromium:901139
TEST=Boot Crostini on kevin (arm)

Change-Id: I82eee1ec4918a56495d6c330913c34d4a4a20e4b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2705290
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: kokoro <noreply+kokoro@google.com>
Tested-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
 2021-02-19 06:30:01 +00:00
Dylan Reid
503c5abef6 devices: Add an asynchronous block device 
This enables the use of basic disk images with async IO. A new
block_async.rs is added which mostly mirrors block, except that all
IO operations are asynchronous allowing for multiple virt queues to be
used.

The old block remains unchanged and is still used for qcow, android
sparse, and composite disks. Those should be converted to as time
allows, but this dual approach will have to do for now so ARCVM disk
performance can be properly evaluated.

fio --ioengine=libaio --randrepeat=1 --direct=1 --gtod_reduce=1
--name=test --filename=test --bs=4k --iodepth=64 --size=4G
--readwrite=randrw --rwmixread=75

desktop with nvme:

before:
READ: bw=36.2MiB/s (37.9MB/s), 36.2MiB/s-36.2MiB/s (37.9MB/s-37.9MB/s),
io=3070MiB (3219MB), run=84871-84871msec
WRITE: bw=12.1MiB/s (12.7MB/s), 12.1MiB/s-12.1MiB/s (12.7MB/s-12.7MB/s),
io=1026MiB (1076MB), run=84871-84871msec
after:
READ: bw=257MiB/s (269MB/s), 257MiB/s-257MiB/s (269MB/s-269MB/s),
io=3070MiB (3219MB), run=11964-11964msec
WRITE: bw=85.8MiB/s (89.9MB/s), 85.8MiB/s-85.8MiB/s (89.9MB/s-89.9MB/s),
io=1026MiB (1076MB), run=11964-11964msec

samus with 5.6 kernel
before:
READ: bw=55.3MiB/s (57.9MB/s), 55.3MiB/s-55.3MiB/s (57.9MB/s-57.9MB/s),
io=768MiB (805MB), run=13890-13890msec
WRITE: bw=18.5MiB/s (19.4MB/s), 18.5MiB/s-18.5MiB/s (19.4MB/s-19.4MB/s),
io=256MiB (269MB), run=13890-13890msec
after:
READ: bw=71.2MiB/s (74.7MB/s), 71.2MiB/s-71.2MiB/s (74.7MB/s-74.7MB/s),
io=3070MiB (3219MB), run=43096-43096msec
WRITE: bw=23.8MiB/s (24.0MB/s), 23.8MiB/s-23.8MiB/s (24.0MB/s-24.0MB/s),
io=1026MiB (1076MB), run=43096-43096msec

kevin with 5.6 kernel
before:
READ: bw=12.9MiB/s (13.5MB/s), 12.9MiB/s-12.9MiB/s (13.5MB/s-13.5MB/s),
io=1534MiB (1609MB), run=118963-118963msec
WRITE: bw=4424KiB/s (4530kB/s), 4424KiB/s-4424KiB/s (4530kB/s-4530kB/s),
io=514MiB (539MB), run=118963-118963msec
after:
READ: bw=12.9MiB/s (13.5MB/s), 12.9MiB/s-12.9MiB/s (13.5MB/s-13.5MB/s),
io=1534MiB (1609MB), run=119364-119364msec
WRITE: bw=4409KiB/s (4515kB/s), 4409KiB/s-4409KiB/s (4515kB/s-4515kB/s),
io=514MiB (539MB), run=119364-119364msec

eve with nvme and 5.7 kernel
before:
READ: bw=49.4MiB/s (51.8MB/s), 49.4MiB/s-49.4MiB/s (51.8MB/s-51.8MB/s),
io=3070MiB
(3219MB), run=62195-62195msec
WRITE: bw=16.5MiB/s (17.3MB/s), 16.5MiB/s-16.5MiB/s (17.3MB/s-17.3MB/s),
io=1026MiB
 (1076MB), run=62195-62195msec
after
READ: bw=125MiB/s (131MB/s), 125MiB/s-125MiB/s (131MB/s-131MB/s),
io=3070MiB (3219MB), run=24593-24593msec
WRITE: bw=41.7MiB/s (43.7MB/s), 41.7MiB/s-41.7MiB/s
(43.7MB/s-43.7MB/s), io=1026MiB (1076MB), run=24593-24593msec

rammus with 5.10 kernel
before:
READ: bw=6927KiB/s (7093kB/s), 6927KiB/s-6927KiB/s (7093kB/s-7093kB/s),
io=3070MiB (3219MB), run=453822-453822msec
WRITE: bw=2315KiB/s (2371kB/s), 2315KiB/s-2315KiB/s (2371kB/s-2371kB/s),
io=1026MiB (1076MB), run=453822-453822msec
after:
Run status group 0 (all jobs):
READ: bw=10.0MiB/s (11.5MB/s), 10.0MiB/s-10.0MiB/s (11.5MB/s-11.5MB/s),
io=3070MiB (3219MB), run=279111-279111msec
WRITE: bw=3764KiB/s (3855kB/s), 3764KiB/s-3764KiB/s (3855kB/s-3855kB/s),
io=1026MiB (1076MB), run=279111-279111msec

BUG=chromium:901139
TEST=unitests
TEST=boot a test image and run fio tests from the guest to measure speed.
TEST=start ARCVM
TEST=tast run $DUT crostini.ResizeOk.dlc_stretch_stable

Change-Id: Idb63628871d0352bd18501a69d9c1c887c37607b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2306786
Tested-by: Keiichi Watanabe <keiichiw@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Keiichi Watanabe <keiichiw@chromium.org>
 2021-02-17 04:11:55 +00:00
Matt Delco
8488a0bbbb seccomp: remove redundant unconditional arm/arm64 rules 
Minijail's policy compiler complains when there's multiple
unconditional rules for a syscall.  In most cases the rules
are redundant to common_device.policy.

BUG=None
TEST=Ran compile_seccomp_policy.py until it stopped
complaining.

Change-Id: Ic43d1fd13f9c012641d71e526942229eb8b08ed4
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2034024
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
 2020-02-04 23:27:21 +00:00
Daniel Verkamp
5de0604f29 seccomp: allow statx syscall where stat/fstat was allowed 
This is used in Rust 1.40.0's libstd in place of stat/fstat; update the
whitelists to allow the new syscall as well.

BUG=chromium:1042461
TEST=`crosvm disk resize` does not trigger seccomp failure

Change-Id: Ia3f0e49ee009547295c7af7412dfb5eb3ac1efcb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2003685
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
 2020-01-17 23:04:03 +00:00
Daniel Verkamp
6eadef77a3 sys_util: add WriteZeroesAt trait 
Add a variant of WriteZeroes that allows the caller to specify the
offset explicitly instead of using the file's cursor.  This gets rid of
one of the last bits of shared state between disk file users, which will
help in implementing multi-queue support.

Additionally, modify the WriteZeroes trait to use a generic
implementation based on WriteZeroesAt + Seek when possible.

BUG=chromium:858815
TEST=Boot Termina in crosvm

Change-Id: If710159771aeeb55f4f7746dd4354b6c042144e8
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1913519
 2019-11-27 21:22:37 +00:00
Daniel Verkamp
ec5916daa0 devices: virtio: block: use FileReadWriteAtVolatile 
Use the "at" variants of the read/write functions in the block device.
This reduces the number of syscalls on the host per I/O to one
(pread64/pwrite64) rather than two (lseek + read/write).

The CompositeDiskFile implementation is also updated in this commit,
since it's both a producer and consumer of DiskFile, and it isn't
trivial to update it in a separate commit without breaking compilation.

BUG=None
TEST=Start Crostini on kevin, banon, and nami

Change-Id: I031e7e87cd6c99504db8c56b1725ea51c1e27a53
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1845948
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
 2019-10-29 22:06:22 +00:00
Zach Reizner
bae43dd4c9 seccomp: refactor policy into common_device.policy 
CQ-DEPEND=CL:1449895
BUG=None
TEST=vmc start termina

Change-Id: Ia3edaafc1d2958bd40e6b1adc89dd5e29b679b06
Reviewed-on: https://chromium-review.googlesource.com/1448292
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
 2019-02-07 03:02:12 -08:00
Daniel Verkamp
5656c124af devices: block: fix seccomp failures from free() 
It looks like free() will sometimes try to open
/proc/sys/vm/overcommit_memory in order to decide whether to return
freed heap memory to the kernel; change the seccomp filter to fail the
open syscalls with an error code (ENOENT) rather than killing the
process.

Also allow madvise to free memory for the same free() codepath.

BUG=chromium:888212
TEST=Run fio loop test on kevin

Change-Id: I1c27b265b822771f76b7d9572d9759476770000e
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1305756
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
 2018-10-31 12:42:43 -07:00
Daniel Verkamp
b1570f2672 qcow: track deallocated clusters as unreferenced 
In deallocate_cluster(), we call set_cluster_refcount() to unref the
cluster that is being deallocated, but we never actually added the
deallocated cluster to the unref_clusters list.  Add clusters whose
refcounts reach 0 to the unref_clusters list as well.

Also add mremap() to the seccomp whitelist for the block device, since
this is being triggered by libc realloc() and other devices already
include it in the whitelist.

BUG=chromium:850998
TEST=cargo test -p qcow; test crosvm on nami and verify that qcow file
     size stays bounded when creating a 1 GB file and deleting it
     repeatedly

Change-Id: I1bdd96b2176dc13069417e0ac77f0768f9f26012
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1259404
Reviewed-by: Dylan Reid <dgreid@chromium.org>
 2018-10-05 07:54:49 -07:00
Daniel Verkamp
616a093d91 devices: block: allow timerfd syscalls in seccomp 
"devices: block: Flush a minute after a write" introduced new timerfd_
syscalls into the block device but did not add them to the seccomp
whitelist.

BUG=chromium:885238
TEST=Run crosvm in multiprocess mode and verify that it boots

Change-Id: I1568946c64d86ab7dba535a430a8cbe235f64454
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1231513
Commit-Ready: Dylan Reid <dgreid@chromium.org>
Tested-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
 2018-09-19 15:40:06 -07:00
Daniel Verkamp
7621d910f5 devices: block: implement discard and write zeroes 
Discard and Write Zeroes commands have been added to the virtio block
specification:
88c8553838

Implement both commands using the WriteZeroes trait.

BUG=chromium:850998
TEST=fstrim within termina on a writable qcow image

Change-Id: I33e54e303202328c10f7f2d6e69ab19f419f3998
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1188680
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
 2018-09-10 13:33:46 -07:00
Sonny Rao
b847858e66 seccomp: rename aarch64 -> arm 
These policies are not for aarch64 but use the 32-bit system calls.
We call it aarch64 support because that's what we're targetting for
the guest kernel, but it doesn't really make any sense to call the
seccomp policies aarch64 when we're building a 32-bit binary.
We can add real aarch64 seccomp policies when we start building a
aarch64 crosvm binary.

BUG=chromium:866197
TEST=emerge-kevin crosvm, run vm_CrosVmStart
CQ-DEPEND=CL:1145903

Change-Id: I7c5e70fbc127e4209ed392cfcf10ea36a6dd4b2c
Reviewed-on: https://chromium-review.googlesource.com/1145909
Commit-Ready: Sonny Rao <sonnyrao@chromium.org>
Tested-by: Sonny Rao <sonnyrao@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
 2018-07-23 21:04:38 -07:00
Renamed from seccomp/aarch64/block_device.policy (Browse further)