crosvm

mirrors/crosvm

Fork 0

mirror of https://chromium.googlesource.com/crosvm/crosvm synced 2024-10-25 05:35:41 +00:00

Commit graph

Author	SHA1	Message	Date
Zach Reizner	f651357433	crosvm: use sys_util::clone_process to create proxy device The `clone_process` function was created to safely encapsulate fork/clone usage for the proxy device. This patch changes proxy device to do utilize that. TEST=cargo run -- -u <other crosvm args>... BUG=None Change-Id: I2d9f1794be61be31f3aae21037c7df14b7691172 Reviewed-on: https://chromium-review.googlesource.com/518935 Commit-Ready: Stephen Barber <smbarber@chromium.org> Tested-by: Zach Reizner <zachr@chromium.org> Reviewed-by: Dylan Reid <dgreid@chromium.org>	2017-07-13 11:44:36 -07:00
Dylan Reid	61edbbff53	crosvm: Put block device process in a minijail Run with the new seccomp filter and drop all capabilities. In addition enter a new user, mount, network, and ipc namespace. Leave the mount namespace empty after pivot-rooting to an empty directory. Change-Id: Iee583cf260ede8ca13f005836684eb80c2c3ac3e Signed-off-by: Dylan Reid <dgreid@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/515603	2017-07-06 21:13:55 -07:00
Zach Reizner	639d96775c	crosvm: Add crosvm main program This program is used to boot a 64-bit kernel elf. It has support for basic devices that are exposed to the kernel, including a block device. TEST=cargo test; cargo run -- -m 512 -c 4 -d rootfs.squashfs -u -p "init=/bin/bash" vmlinux BUG=chromium:712319 Change-Id: I25a8349a4624d8643fefe2ad70e517fe03b16b8c Reviewed-on: https://chromium-review.googlesource.com/514417 Commit-Ready: Zach Reizner <zachr@chromium.org> Tested-by: Zach Reizner <zachr@chromium.org> Reviewed-by: Dylan Reid <dgreid@chromium.org>	2017-07-05 21:54:52 -07:00

Author

SHA1

Message

Date

Zach Reizner

f651357433

crosvm: use sys_util::clone_process to create proxy device

The `clone_process` function was created to safely encapsulate
fork/clone usage for the proxy device. This patch changes proxy device
to do utilize that.

TEST=cargo run -- -u <other crosvm args>...
BUG=None

Change-Id: I2d9f1794be61be31f3aae21037c7df14b7691172
Reviewed-on: https://chromium-review.googlesource.com/518935
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

2017-07-13 11:44:36 -07:00

Dylan Reid

61edbbff53

crosvm: Put block device process in a minijail

Run with the new seccomp filter and drop all capabilities.  In addition enter a
new user, mount, network, and ipc namespace.  Leave the mount namespace empty
after pivot-rooting to an empty directory.

Change-Id: Iee583cf260ede8ca13f005836684eb80c2c3ac3e
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/515603

2017-07-06 21:13:55 -07:00

Zach Reizner

639d96775c

crosvm: Add crosvm main program

This program is used to boot a 64-bit kernel elf. It has support for
basic devices that are exposed to the kernel, including a block device.

TEST=cargo test;
     cargo run -- -m 512 -c 4 -d rootfs.squashfs -u -p "init=/bin/bash" vmlinux
BUG=chromium:712319

Change-Id: I25a8349a4624d8643fefe2ad70e517fe03b16b8c
Reviewed-on: https://chromium-review.googlesource.com/514417
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

2017-07-05 21:54:52 -07:00

3 commits