Running "build_test" fails if it's been previously run using sudo.
The failure is:
thread 'main' panicked at 'error creating shared memory;'
and errno is 17, so apparently the shared memory name is left
behind.
BUG=None
TEST=Verified that "sudo build_teat" followed by "build_test" results in
a failure, while with this change it reports success.
Change-Id: I09748b9c0b89ac953e054de852277d819ad85287
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1876662
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Matt Delco <delco@chromium.org>
This change adds the `recv_*_vec` suite of methods for getting an entire
packet into a `Vec` without needing to know the packet size through some
other means.
TEST=cargo test -p sys_util -p msg_socket
BUG=None
Change-Id: Ia4f931ccb91f6de6ee2103387fd95dfad3d3d38b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2034025
Commit-Queue: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Auto-Submit: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
These were pinned at pre-1.0 versions. Update to the stable API to allow
new features to be used in the future.
Cq-Depend: chromium:2026764
Change-Id: Id2d979525e5210436cbb1cfa61e2b05fafb288f3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2025907
Tested-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This trait provides a generic interface for allocating space on the
filesystem within a given file. It is equivalent to the fallocate(2)
system call with the default mode (mode = 0).
BUG=chromium:858815
TEST=cargo build --features=composite-disk
Change-Id: I2f4e8aceb4878790e8dec2e3d539071915efd205
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2015828
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Add a function offset_from_base() which, given a GuestAddress, determines
the offset of that address within the backing memfd of the GuestMemory.
In other words, this lets you convert a GuestAddress into an offset that
can be understood by another process which has mapped the the memfd and
would like to read from that address.
BUG=chromium:968724
TEST=cargo test
Change-Id: I5b033ad29dd38090f74577c068cc62ee9c6effb6
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2015835
Tested-by: Fletcher Woodruff <fletcherw@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Fletcher Woodruff <fletcherw@chromium.org>
Add a new disk-specific DiskGetLen trait which uses io::Seek instead of
File::metadata() to determine the length so that it works on raw block
devices (e.g. /dev/sda) as well as regular files.
BUG=b:146811529
TEST=`crosvm run --disk /dev/sda` and verify block device length
Change-Id: I6936863490efaa479a3c8745c75c373748c800a1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1990855
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Trent Begin <tbegin@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
The only device that used user_command was Serial. This change makes
Serial device use a thread to read from its input instead of using
user_command.
BUG=chromium:1033787
TEST=./build_test
run crosvm with stdio serial with and without sandbox
Change-Id: Ia0f2ee83d94ad2fee3f1f4f89aa734b976e33507
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1966435
Tested-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
Auto-Submit: Zach Reizner <zachr@chromium.org>
Other users will want to set flags on FDs. Particularly asynchronous
code that wants to set FDs as non-blocking. Add a helper that handles
fetching and or-ing in the given flags so users don't have to handle
that themselves.
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Change-Id: Iabe438fbbb1ec305f693dbe1348930ef153edcf4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1955044
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Replace the unchecked conversion with a try_from() rather than just
truncating without warning. This gives a more useful error message when
a >4GB guest memory size is requested on a 32-bit platform.
BUG=chromium:1028747
TEST=`crosvm run -m $((5 * 1024)) ...` on kevin
Change-Id: Ib1fcf4019eefdc9ee8f93a5307802e6d6d43d01c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1937552
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
The implementations of FileReadWriteVolatile and FileReadWriteAtVolatile
for SharedMemory are never used; SharedMemory is typically accessed as a
memory mapping, not as a writable/readable file-like object. Remove the
implementation of these traits for SharedMemory to simplify porting to
other platforms where SharedMemory may not necessarily be backed by a
file-like object.
BUG=None
TEST=./build_test.py
Change-Id: I9c1e46ad2d3299b8676fad33151cde7c4b1c7b8e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1937555
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
The code in the doc comment didn't compile, fix the missing command.
Ignore the snippet because it depends on arch::__IncompleteArrayField,
and getting it to compile isn't worth adding a crate dependency.
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Change-Id: Ibaee50d0d44fbfb9ca2862b1dda220a0a1e5696b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1944097
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
This new trait allows DiskFile implementors to provide the length of the
file directly rather than using SeekFrom::End with seek().
BUG=None
TEST=./build_test
TEST=Boot Termina in crosvm
Change-Id: I9447ebb43dbd5fbb32a3a6b6d2fc969b9406cdbc
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1913961
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Replace the implementation of File write_zeroes with one that uses
fallocate() with the FALLOC_FL_ZERO_RANGE flag instead of
FALLOC_FL_PUNCH_HOLE. This means it will keep space allocated for the
zeroed region instead of deallocating it. The PunchHole trait is
available for this purpose instead, and the virtio-blk implementation
already relies on these two traits for their differing behaviors.
BUG=chromium:858815
TEST=cargo test -p sys_util write_zeroes
Change-Id: I69ab06037f72dc219e6ea9409654f97eeaba32c3
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1913520
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Add a variant of WriteZeroes that allows the caller to specify the
offset explicitly instead of using the file's cursor. This gets rid of
one of the last bits of shared state between disk file users, which will
help in implementing multi-queue support.
Additionally, modify the WriteZeroes trait to use a generic
implementation based on WriteZeroesAt + Seek when possible.
BUG=chromium:858815
TEST=Boot Termina in crosvm
Change-Id: If710159771aeeb55f4f7746dd4354b6c042144e8
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1913519
There were already methods for the readable and hungup events, so this
completes the set.
TEST=None
BUG=chromium:1023975
Change-Id: Ie9cd1459893cc8b6ba7a52e638e164095ddbcba5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1930404
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Builders should all have memfd support now.
BUG=chromium:942183
TEST=compile and run, CQ will also test
Cq-Depend: chromium:1901871, chromium:1907541
Change-Id: I0cd4ec43a51e9995def2e105d68e12a703168365
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1834701
Commit-Queue: Gurchetan Singh <gurchetansingh@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Gurchetan Singh <gurchetansingh@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Auto-Submit: Gurchetan Singh <gurchetansingh@chromium.org>
gpa > guest_mem.end_addr() is used to avoid gpa fall into guest ram,
but low mmio maybe below guest_mem.end_addr(), this condition is false,
then low mmio couldn't be added. Since low mmio could be added into kvm
also, this condition is wrong.
This patch iterate all the guest memory reginos, and check whether it
overlap with any of them.
BUG=chromium:992270
TEST=bulld_test
Change-Id: I9560db43f9836f85d0ff927e7eeb92447774568c
Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.corp-partner.google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1895235
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
The virtio-blk configuration space has a `seg_max` field that lets the
device inform the driver of the maximum number of segments allowed
within a single request. The Linux virtio block driver assumes that if
the corresponding feature (VIRTIO_BLK_F_SEG_MAX) is not advertised, then
only one segment can be used.
Add a segment limit based on sysconf(_SC_IOV_MAX) to allow the Linux
block stack to make use of multiple segments in a single request, which
will get translated into a single readv/writev call in the crosvm block
device.
BUG=None
TEST=strace crosvm virtio-blk process and note preadv with iov_cnt > 1
Change-Id: Ia14ebebb85daa21e2d43437bb74886f32e6e8187
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1876806
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Certain types of file descriptors, such as tap devices, aren't compatible with
writing at offsets. Split the volatile_impl macro into two, one for
FileReadWriteVolatile and another for FileReadWriteAtVolatile.
Tweak the macros be usable from other crates.
BUG=chromium:753630
TEST=cargo build
Change-Id: I0671024e24e8b5eaedbde2c1da80e3ec684c06a1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1881417
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Commit-Queue: Stephen Barber <smbarber@chromium.org>
Allow IntoIovec to produce an iovec with more than one entry.
BUG=None
TEST=./build_test.py
Change-Id: I21e8512f3edb06d9c0be4a1707432dde9fda6e9e
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1815316
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
When guest boot with -m 4096, guest e820 is:
BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
BIOS-e820: [mem 0x0000000000200000-0x00000000cfffffff] usable
so guest usable ram is 3.25G which is smaller than specified 4G.
3.25G~4G is assigned to pci device as mmio, this range should be
relocated to 4G above like 4G to 4.75G. So guest could see the full 4G
usable ram.
With this patch, guest e820 is:
BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] usable
BIOS-e820: [mem 0x0000000000200000-0x00000000cfffffff] usable
BIOS-e820: [mem 0x0000000100000000-0x000000012fffffff] usable
The guest could use 4G ram equal to specified 4G.
Then mmio hole exists in guest ram's regions, GuestMemory's end_addr
is larger than the memsize. end_addr couldn't be used to judge an
address in a guest memory or not We should iterate all the regions
to avoid the address in the hole; end_addr couldn't be used for
checked_offset() also, it may faill into mmio hole.
BUG=none
TEST=build_test; Boot vm with different guest memory size, and check
vm's e820 table
Change-Id: I2cd7c3223173ab635041875b9d8b49c2800c8dab
Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.corp-partner.google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1895231
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
crosvm doesn't support MSI/MSI-x, but kvmgt vgpu support MSI only
through cfg msi capability. This is a simple msi implementation, it
detects msi capability and track msi control, data and address info, then
call vfio kernel to enable / disable msi interrupt.
Currently it supports one vetor per MSI. It could extend to multi vetors and
MSI-x.
BUG=chromium:992270
TEST=none
Change-Id: I04fc95f23a07f9698237c014d9f909d011f447ef
Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.corp-partner.google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1581142
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Refactor the Reader and Writer implementations for DescriptorChains.
This has several changes:
* Change the DescriptorChainConsumer to keep a
VecDeque<VolatileSlice> instead of an iterator. This delegates the
fiddly business of sub-slicing chunks of memory to the VolatileSlice
implementation.
* Read in the entire DescriptorChain once when the Reader or Writer is
first constructed. This allows us to validate the DescriptorChain
in the beginning rather than having to deal with an invalid
DescriptorChain in the middle of the device operating on it.
Combined with the check that enforces the ordering of read/write
descriptors in a previous change we can be sure that the entire
descriptor chain that we have copied in is valid.
* Add a new `split_at` method so that we can split the Reader/Writer
into multiple pieces, each responsible for reading/writing a
separate part of the DescriptorChain. This is particularly useful
for implementing zero-copy data transfer as we sometimes need to
write the data first and then update an earlier part of the buffer
with the number of bytes written.
* Stop caching the available bytes in the DescriptorChain. The
previous implementation iterated over the remaining descriptors in
the chain and then only updated the cached value. If a mis-behaving
guest then changed one of the later descriptors, the cached value
would no longer be valid.
* Check for integer overflow when calculating the number of bytes
available in the chain. A guest could fill a chain with five 1GB
descriptors and cause an integer overflow on a 32-bit machine.
This would previously crash the device process since we compile with
integer overflow checks enabled but it would be better to return an
error instead.
* Clean up the Read/Write impls. Having 2 different functions called
`read`, with different behavior is just confusing. Consolidate on
the Read/Write traits from `std::io`.
* Change the `read_to` and `write_from` functions to be generic over
types that implement `FileReadWriteVolatile` since we are not
allowed to assume that it's safe to call read or write on something
just because it implements `AsRawFd`. Also add `*at` variants that
read or write to a particular offset rather than the kernel offset.
* Change the callback passed to the `consume` function of
`DescriptorChainConsumer` to take a `&[VolatileSlice]` instead.
This way we can use the `*vectored` versions of some methods to
reduce the number of I/O syscalls we need to make.
* Change the `Result` types that are returned. Functions that perform
I/O return an `io::Result`. Functions that only work on guest
memory return a `guest_memory::Result`. This makes it easier to
inter-operate with the functions from `std::io`.
* Change some u64/u32 parameters to usize to avoid having to convert
back and forth between the two in various places.
BUG=b:136128319
TEST=unit tests
Change-Id: I15102f7b4035d66b5ce0891df42b656411e8279f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1757240
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
This change plumbs the jail throughout the arch specific device creation
process. It also adds a custom callback support for the ProxyDevice so
that the main process can interrupt the child serial process when it has
incoming bytes.
TEST=crosvm run
BUG=None
Change-Id: I6af7d2cb0acbba9bf42eaeeb294cee2bce4a1f36
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1752589
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
Add the FileReadWriteAtVolatile trait, which is basically the same as
the FileReadWriteVolatile trait but additionally takes an offest. This
is only useful for types that are seekable and can allow concurrent
operations on the same underlying type.
Also add `*_vectored` versions of all the functions. These match the
`*_vectored` functions in the standard library and can reduce the number
of system calls needed to read or write a whole buffer.
Implement both traits for `&mut T` if `T` implements them.
Change the trait implementation for `File` to a macro so that we can
also implement it for `GuestMemory`.
BUG=b:136128319
TEST=unit tests
Change-Id: I3d8eb7bba17fe3247e18649b1b04e21a91a841e2
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1724229
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Currently, sys_util's register_signal_handler only permits handlers for
real-time signals. Rename that function to register_rt_signal_handler
and add a new register_signal_handler that supports all signals, then
update references to the old name.
BUG=chromium:1008990
TEST=builds
Change-Id: I455e14c562cd1f2ca4b308b4e38c503845321926
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1836185
Tested-by: Fletcher Woodruff <fletcherw@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Fletcher Woodruff <fletcherw@chromium.org>
In the same spirit as write_all() for the standard io::Write::write()
function, add a write_zeroes_all() function with a default
implementation that calls write_zeroes() in a loop until the requested
length is met. This will allow write_zeroes implementations that don't
necessarily fulfill the entire requested length.
BUG=None
TEST=cargo test -p sys_util write_zeroes
Change-Id: I0fc3a4b3fe8904946e253ab8a2687555b12657be
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1811466
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Cody Schuffelen <schuffelen@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
The new constructors are shorter and omit the bare `None` in the `anon`
call sites which gave no clues to the reader what the effect of that
`None` was. This should improve readability.
TEST=./build_test
BUG=None
Change-Id: I2e34e7df9a4ccc5da50edf4e963a6a42e3d84b22
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1797188
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
This change adds a string based constructor of `SharedMemory` as well as
adding a method for retrieving that name from the underlying file. This
change also includes a new anonymous constructor.
TEST=cargo test -p sys_util
BUG=None
Change-Id: Ibd7a28851c8a0f41e595ee35b35f0d06fef1e1d9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1797187
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
This supports virtio disks that depend on multiple file descriptors. All
of the file descriptors are passed to the jail when relevant.
Bug: b/133432409
Change-Id: Idf2e24cd2984c0d12a47a523c13d24c1ba8d173e
Signed-off-by: Cody Schuffelen <schuffelen@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1691761
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
rustfmt incorrectly formats the `handler` parameter in
register_signal_handler in a way that actually breaks compilation.
This bug has been reported upstream already, but it is not fixed yet on
the version of rustfmt available with stable rust:
https://github.com/rust-lang/rustfmt/issues/3673
However, the empty return type can just be omitted in this case, which
avoids the rustfmt bug.
BUG=None
TEST=`bin/fmt --check` passes with Rust 1.36.0
Change-Id: I75c49c66f1db9cb6ae73cc0f6f3e66351176c474
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1724849
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
These functions are wrappers around multiple `add` calls that will fail at the
first error. This replaces lots of ugly `and_then`, `and`, and `ok` calls that
had been sprinkled around the to initialize a `PollContext`.
TEST=cargo test -p sys_util
./build_test
BUG=None
Change-Id: I69aa1c9ad87677cf220eda57148ff8eb2268bf67
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1715580
Tested-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Auto-Submit: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
"warning: use of deprecated item 'std::sync::ONCE_INIT': the `new` function is now preferred"
Change-Id: I029611f2978d5baf3b0bc426ab2285e282708da0
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1715577
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
A few places were using the old syntax without `dyn`. Nightly compilers
have started warning more aggressively, so fix up the last of those.
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Change-Id: I4df49b4a27a62acfd8c542cec903e4c5b31bedcc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1715576
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Looks like we ended up with two totally different tempdir
implementations: one from CL:520706 and the other from CL:1409705.
This CL consolidates them into one implementation.
BUG=chromium:974059
TEST=tempfile: cargo test
TEST=crosvm: cargo check --all-features
TEST=devices: cargo check --tests
TEST=sys_util: cargo check --tests
TEST=local kokoro
TEST=./build_test
Cq-Depend: chromium:1574668
Change-Id: Id70e963c9986ed2fc5f160819c4a7f9f16092b3b
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1573227
Tested-by: kokoro <noreply+kokoro@google.com>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Resolve a couple of minor clippy warnings:
- unneeded return statement
- use `if let` instead of `match` for single pattern destruction
- use `values()` function to iterate over map values
- supress warning about `ptr::null()` as expressed by the comment
BUG=None
TEST=./bin/clippy
TEST=cargo build
Change-Id: Ic4cea94cd3a25a9edf6ef38119de8c46dcfec563
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1646739
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Commit-Queue: Jakub Staroń <jstaron@google.com>
Adds support for virtio-pmem device as an alternative for virtio-blk.
Exposing disk image to guest as virtio-blk device results in both guest
and host independently caching the disk I/O. Using virtio-pmem device
allows to mount disk image as direct access (DAX) in the guest and thus
bypass the guest cache. This will reduce memory foodprint of the VMs.
BUG=None
TEST=cargo test
TEST=Boot patched termina kernel in crosvm; mount virtio-pmem device as
DAX and run xfstests.
Change-Id: I935fc8fc7527f79e5169f07ec7927e4ea4fa6027
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1605517
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Commit-Queue: Jakub Staroń <jstaron@google.com>
This manifested itself in a couple places that were turning shared
memory buffers into slices for the purposes of passing these slices to
`Read` and `Write` trait methods.
However, this required the removal of the methods that took `Read` and
`Write` instances. This was a convenient interface but impossible to
implement safely because making slices from raw pointers without
enforcing safety guarantees causes undefined behaviour in Rust. It turns
out lots of code in crosvm was using these interfaces indirectly, which
explains why this CL touches so much.
TEST=crosvm run
BUG=chromium:938767
Change-Id: I4ff40c98da6ed08a4a42f4c31f0717f81b1c5863
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1636685
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Zach Reizner <zachr@chromium.org>
uninitialized is deprecated and considered too dangerous to use for any
of the use cases we were using.
BUG=None
TEST=passes smoke_test
Change-Id: I5392cb8ec132f374d9b5590f72eb2cb329a82421
Reviewed-on: https://chromium-review.googlesource.com/1626795
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Legacy-Commit-Queue: Commit Bot <commit-bot@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
This change allows an output to be set for each serial device for a
guest machine (stdout, syslog, or sink).
BUG=chromium:953983
TEST=FEATURES=test emerge-sarien crosvm; cd sys_util; cargo test;
./build_test; manual testing on x86_64 and aarch_64
Change-Id: I9e7fcb0b296c0f8a5aa8d54b1a74ae801f6badc8
Reviewed-on: https://chromium-review.googlesource.com/1572813
Commit-Ready: Trent Begin <tbegin@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Trent Begin <tbegin@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
A few files were missing license blurbs at the top, so update them all
to include them.
BUG=none
TEST=none
Change-Id: Ida101be2e5c255b8cffeb15f5b93f63bfd1b130b
Reviewed-on: https://chromium-review.googlesource.com/1577900
Commit-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The current error doesn't provide sufficient information to debug
InvalidRange errors; add the size of the region so that the bounds of
the comparison can be determined from the error message.
BUG=None
TEST=cargo test -p sys_util
Change-Id: I8e7fbd750ab84c43bbf0435230b7d3cf466783da
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1574964
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This CL fixes four cases of what I believe are undefined behavior:
- In vhost where the original code allocates a Vec<u8> with 1-byte
alignment and casts the Vec's data pointer to a &mut vhost_memory
which is required to be 8-byte aligned. Underaligned references of
type &T or &mut T are always undefined behavior in Rust.
- Same pattern in x86_64.
- Same pattern in plugin::vcpu.
- Code in crosvm_plugin that dereferences a potentially underaligned
pointer. This is always undefined behavior in Rust.
TEST=bin/clippy
TEST=cargo test sys_util
Change-Id: I926f17b1fe022a798f69d738f9990d548f40c59b
Reviewed-on: https://chromium-review.googlesource.com/1566736
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
As described in:
https://doc.rust-lang.org/edition-guide/rust-2018/ownership-and-lifetimes/default-match-bindings.html
which also covers the new mental model that the Rust Book will use for
teaching binding modes and has been found to be more friendly for both
beginners and experienced users.
Before:
match *opt {
Some(ref v) => ...,
None => ...,
}
After:
match opt {
Some(v) => ...,
None => ...,
}
TEST=cargo check --all-features
TEST=local kokoro
Change-Id: I3c5800a9be36aaf5d3290ae3bd3116f699cb00b7
Reviewed-on: https://chromium-review.googlesource.com/1566669
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Before the new borrow checker in the 2018 edition, we sometimes used to
have to manually insert curly braced blocks to limit the scope of
borrows. These are no longer needed.
Details in:
https://doc.rust-lang.org/edition-guide/rust-2018/ownership-and-lifetimes/non-lexical-lifetimes.html
TEST=cargo check --all-features
TEST=local kokoro
Change-Id: I59f9f98dcc03c8790c53e080a527ad9b68c8d6f3
Reviewed-on: https://chromium-review.googlesource.com/1568075
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
In Rust 2018 edition, `extern crate` is no longer required for importing
from other crates. Instead of writing:
extern crate dep;
use dep::Thing;
we write:
use dep::Thing;
In this approach, macros are imported individually from the declaring
crate rather than through #[macro_use]. Before:
#[macro_use]
extern crate sys_util;
After:
use sys_util::{debug, error};
The only place that `extern crate` continues to be required is in
importing the compiler's proc_macro API into a procedural macro crate.
This will hopefully be fixed in a future Rust release.
extern crate proc_macro;
TEST=cargo check
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
TEST=local kokoro
Change-Id: I0b43768c0d81f2a250b1959fb97ba35cbac56293
Reviewed-on: https://chromium-review.googlesource.com/1565302
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Macros were previously imported through `#[macro_use] extern crate`,
which is basically a glob import of all macros from the crate. As of
2018 edition of Rust, `extern crate` is no longer required and macros
are imported individually like any other item from a dependency. This CL
fills in all the appropriate macro imports that will allow us to remove
our use of `extern crate` in a subsequent CL.
TEST=cargo check --all-features --tests
TEST=kokoro
Change-Id: If2ec08b06b743abf5f62677c6a9927c3d5d90a54
Reviewed-on: https://chromium-review.googlesource.com/1565546
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
The syslog and ioctl macros in sys_util were originally written to be
imported through `#[macro_use] extern crate sys_util` which is
essentially a glob import of all macros from the crate.
In 2018 edition, extern crate is deprecated and macros are imported the
same as any other item. As these sys_util macros are currently written,
importing an individual macro requires the caller to also import any
other sys_util macros that the invocation internally expands to.
Example:
use sys_util::{error, log};
fn main() {
error!("...");
}
This CL adjusts all sys_util macros to invoke helper macros through a
`$crate::` prefix so that the caller is not required to have the helper
macros in scope themselves.
use sys_util::error;
fn main() {
error!("...");
}
TEST=kokoro
Change-Id: I2d9f16dca8e7a4a4c0e63d9f10ead9f7413d9c3c
Reviewed-on: https://chromium-review.googlesource.com/1565544
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
There is a hard-limit to the number of MemoryMaps that can be added to a
KVM VM, a arch-dependent number defined as KVM_USER_MEM_SLOTS. e.g: on
x86 this is 509 (512 - 3 internal slots).
For most purposes, this isn't too much of an issue, but there are some
cases where one might want to share a lot of mmaps with a Guest. e.g:
virtio-fs uses a large cache region for mapping in slices of file fds
directly into guest memory. If one tries to add a new KVM memory region
for each mmap, the number of available slots is quickly exhausted.
MemoryMappingArena is a way to work around this limitation by allocating
a single KVM memory region for a large slice of memory, and then using
mmap with MAP_FIXED to override slices of this "arena" hostside, thereby
achieving the same effect without quickly exhausting the number of KVM
memory region slots.
BUG=chromium:936567
TEST=cargo test -p sys_util
Change-Id: I89cc3b22cdba6756b2d76689176d7147cf238f07
Reviewed-on: https://chromium-review.googlesource.com/1546600
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This allows setting the affinity of the VCPU threads to specific host
CPUs. Note that each individual CPU has its affinity set to the full
set of CPUs specified, so the host kernel may still reschedule VCPU
threads on whichever host CPUs it sees fit (within the specified set).
BUG=chromium:909793
TEST=build_test
Change-Id: I09b893901caf91368b64f5329a6e9f39027fef23
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1554865
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Use expect_err in the unix_seqpacket_zero_timeout test instead of
`#[should_panic]` as the panic is causing a memory leak.
BUG=chromium:950576
TEST=`USE=asan FEATURES=test emerge-amd64-generic sys_util`
Change-Id: I7a42bbbc741a84398989393e3294747cd01cee14
Reviewed-on: https://chromium-review.googlesource.com/1558933
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
This may help reduce cases of conflicts between independent CLs each
appending a dependency at the bottom of the list, of which I hit two
today rebasing some of my open CLs.
TEST=cargo check --all-features
Change-Id: Ief10bb004cc7b44b107dc3841ce36c6b23632aed
Reviewed-on: https://chromium-review.googlesource.com/1557172
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Separated out of CL:1513058 to make it possible to land parts
individually while the affected crate has no other significant CLs
pending. This avoids repeatedly introducing non-textual conflicts with
new code that adds `use` statements.
TEST=cargo check
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
Change-Id: Ic57170776a9396bab54a8c7eb2b8b1436f63b57c
Reviewed-on: https://chromium-review.googlesource.com/1520069
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Found by running: `cargo rustc -- -D bare_trait_objects`
Bare trait objects like `&Trait` and `Box<Trait>` are soft-deprecated in
2018 edition and will start warning at some point.
As part of this, I replaced `Box<Trait + 'static>` with `Box<dyn Trait>`
because the 'static bound is implied for boxed trait objects.
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
TEST=local kokoro
Change-Id: I41c4f13530bece8a34a8ed1c1afd7035b8f86f19
Reviewed-on: https://chromium-review.googlesource.com/1513059
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
favor `if let` over `match` for destructing a single value.
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Change-Id: I0c09d7ffc380e84d7413d6fed338d65a60563a8f
Reviewed-on: https://chromium-review.googlesource.com/1510069
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Building off CL:1290293
Instead of having a seperate GuestMemoryManager, this adds SharedMemory
as a Arc'd member of GuestMemory. This is nice since it removes the need
to plumb the Manager struct throughout the codebase.
BUG=chromium:936567
TEST=cargo test -p sys_util
Change-Id: I6fa5d73f7e0db495c2803a040479818445660345
Reviewed-on: https://chromium-review.googlesource.com/1493013
Commit-Ready: Daniel Prilik <prilik@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
The putting the hostname in the syslog header of messages sent to
/dev/log isn't widely supported. It isn't understood by rsyslogd by
default, and it isn't understood by journald. Remove it as it provides
no value to us.
BUG=None
TEST=Ensure journal properly parses the header from crosvm log messages
Change-Id: I9bba78925f048f7d2ce6320b00b9fa52f070ce51
Reviewed-on: https://chromium-review.googlesource.com/1525139
Commit-Ready: Christopher Morin <cmtm@google.com>
Tested-by: Christopher Morin <cmtm@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This is an easy step toward adopting 2018 edition eventually, and will
make any future CL that sets `edition = "2018"` this much smaller.
The module system changes in Rust 2018 are described here:
https://doc.rust-lang.org/edition-guide/rust-2018/module-system/path-clarity.html
Generated by running:
cargo fix --edition --all
in each workspace, followed by bin/fmt.
TEST=cargo check
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
Change-Id: I000ab5e69d69aa222c272fae899464bbaf65f6d8
Reviewed-on: https://chromium-review.googlesource.com/1513054
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
clippy says that it is more efficient. Since self is a u64 in this case,
it is correct.
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Change-Id: Id7674db500a01640f650b239374fe9f83e2bc595
Reviewed-on: https://chromium-review.googlesource.com/1510065
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
A bug has been filed to fix this differently. Until then, add a TODO and
a clippy disable so that clippy can be used to test for other issues
without stopping on this error.
BUG=928767
TEST=cargo clippy
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Change-Id: Ic264bc9101653c30354415c913e9ee3752985706
Reviewed-on: https://chromium-review.googlesource.com/1506308
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
In case crosvm starts with elevated capabilities (for example, we need
to start with CAP_SETGID to be able to map additional gids into plugin
jail), we should drop them before spawning VCPU threads.
BUG=b:117989168
TEST=Start plugin via concierge_client and verify the process does not
have any effective or permitted privileges.
tast run [] 'vm.*'
Change-Id: Ia1e80bfe19b296936d77fe9ffeda361211b41eed
Reviewed-on: https://chromium-review.googlesource.com/1506296
Commit-Ready: Dmitry Torokhov <dtor@chromium.org>
Tested-by: Dmitry Torokhov <dtor@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
The description method is deprecated and its signature forces less
helpful error messages than what Display can provide.
BUG=none
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
Change-Id: I27fc99d59d0ef457c5273dc53e4c563ef439c2c0
Reviewed-on: https://chromium-review.googlesource.com/1497735
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This change adds the ability to make seqpacket pairs, and set the
timeouts of the sockets. This also adds a TcpListener style api for
accepting UnixSeqpacket sockets.
TEST=cargo test -p sys_util
BUG=chromium:848187
Change-Id: I9f9bb5224cdfaf257d8e4a1bdaac8128be874951
Reviewed-on: https://chromium-review.googlesource.com/1482371
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
These are each their own workspace so I guess `cargo fmt` at the top
level of the repo does not hit them.
I checked that none of the other workspace roots currently need to be
reformatted.
TEST=cargo check
Change-Id: I734cbc0f909fd3c2138513d9539b917bce80c0a8
Reviewed-on: https://chromium-review.googlesource.com/1477496
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
I have been running into Debug-printed error messages too often and
needing to look up in the source code each level of nested errors to
find out from the comment on the error variant what the short name of
the variant means in human terms. Worse, many errors (like the one shown
below) already had error strings written but were being printed from the
calling code in the less helpful Debug representation anyway.
Before:
[ERROR:src/main.rs:705] The architecture failed to build the vm: NoVarEmpty
After:
[ERROR:src/main.rs:705] The architecture failed to build the vm: /var/empty doesn't exist, can't jail devices.
TEST=cargo check --all-features
TEST=FEATURES=test emerge-amd64-generic crosvm
Change-Id: I77122c7d6861b2d610de2fff718896918ab21e10
Reviewed-on: https://chromium-review.googlesource.com/1469225
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Some IOCTL macros are define to accept a parameter, EVIOCGBIT is an
example. This commit adds the ability to generate functions that
accept any number of arguments to generate the IOCTL number.
Bug=chromium:921271
Test=cargo test -p sys_util
Change-Id: I966a3ac85e05764acff5d61cf85dc95b2b70ec20
Reviewed-on: https://chromium-review.googlesource.com/1406812
Commit-Ready: Jorge Moreira Broche <jemoreira@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
The fork::tests::panic_safe unit test has been hanging intermittently in
CQ runs. The root cause isn't understood yet, but the most likely
explanation seems to be that the wait_process helper is hanging.
There should be only two causes for that hang: either the cloned process
is not exiting, or the wait() call in wait_process is not returning.
The wait() should only hang if another thread has already reaped the
cloned process.
In order to help debug the issue, change the general wait() to a
waitpid() on the specific cloned process ID. This will give us more
information about what happens when the test fails - if the waitpid()
returns ECHILD instead of hanging, this will indicate that something
else is waiting on our child process and racing with our wait().
BUG=chromium:925725
TEST=cargo test --release -p sys_util panic_safe
Change-Id: Ib25d88b35b16c75d4d8fe62fc779c9470303368a
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1444317
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Together, these allow tests to create a FakeTimerFd that they can
trigger at a particular point in the test code, without having to rely
on sleep()s or other racy methods.
BUG=None
TEST=Unit tests for FakeTimerFd + dependent CL.
Change-Id: I14381272a6d75bebcdedb0a329a017a2131a3482
Reviewed-on: https://chromium-review.googlesource.com/1413830
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Miriam Zimmerman <mutexlox@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
`libc::c_char` is `u8` instead of `i8` in arm, the test should use
`libc::c_char` directly.
Test unit tests with different architectures.
BUG=chromium:907520
TEST=$ FEATURES=test emerge-{kevin,eve} sys_util
Change-Id: Ie70da89470487d95675cb06b761e9ae9057bc38f
Reviewed-on: https://chromium-review.googlesource.com/1430400
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
PollContext is not thread safe while the underlying epoll is thread
safe. This is because PollContext owns EpollEvents, to offer an easy to
use interface. User of this package might want a thread safe version of Epoll.
This CL decouples events from epoll fd, thus providing thread safe epoll.
BUG=None
TEST=cargo build and run
Change-Id: I786b1d186664fdb4a95ce4d3062b044d27b74d40
Reviewed-on: https://chromium-review.googlesource.com/1320429
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
CL:1385972 breaks building these crates because they are not in the
workspace of the top level Cargo.toml so the patch.crates-io setting of
the top level Cargo.toml does not take effect. They end up looking for
their dependencies on crates.io rather than in the parent directory.
Being able to build just data_model and sys_util on their own is useful
when iterating on a change in one of them and needing to run `cargo
test` (as I tried to do today). The errors without this CL are like
this:
error: no matching package named `assertions` found
location searched: registry `https://github.com/rust-lang/crates.io-index`
required by package `data_model v0.1.0 (/path/to/crosvm/data_model)`
BUG=chromium:916921
TEST=cargo check in data_model and sys_util
TEST=cargo test as well
TEST=emerge-amd64-generic crosvm
TEST=FEATURES=test emerge-amd64-generic data_model, sys_util
CQ-DEPEND=CL:1409854
Change-Id: I7bd34f38507c1cea72380f515ce2dd0835aec4fa
Reviewed-on: https://chromium-review.googlesource.com/1403887
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chih-Yang Hsia <paulhsia@chromium.org>
Add GuestMemory::write_all_at_addr, GuestMemory::read_exact_at_addr
which return error if the entire write or read cannot be completed.
Also rename write_slice_at_addr to write_at_addr, read_slice_at_addr to
read_at_addr to make the entire set of four methods consistent in naming
with the methods of std::io::Write and std::io::Read.
Context:
https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1387624/16/devices/src/virtio/tpm.rs#75
TEST=cargo test
Change-Id: Ia0775b75281ccf8030c84b41f9018a511204b8c9
Reviewed-on: https://chromium-review.googlesource.com/1407156
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
std::os::net only supprts UnixDatagram and UnixStream, so we need this to
support the connection to socket opened with SOCK_SEQPACKET flag.
It only supports public API connect, write, try_clone, and read now.
BUG=chromium:907520
TEST=Use
$ FEATURES=test emerge-eve sys_util
to run unit tests.
Change-Id: I61a9acd4fa2e601e93b1f76dc1758cb61a433205
Reviewed-on: https://chromium-review.googlesource.com/1390077
Commit-Ready: Chih-Yang Hsia <paulhsia@chromium.org>
Tested-by: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
validate_raw_fd is needed for the plugin crate. Move it into a common
location so that it can be shared by both the linux and plugin code.
BUG=b:80150167
TEST=manual
Change-Id: I427e10716e75b2619fd0f4ba6725fa40446db4af
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1341101
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This allows more type-safe usage of RawFds (preventing confusion with other c_ints) and provides a lightweight type that is usable in arguments to methods that take parameters of type AsRawFd.
BUG=None
TEST=Built.
Change-Id: Ibdeb03b0e759577385b05acb25ce76d51f2188c6
Reviewed-on: https://chromium-review.googlesource.com/1396495
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Miriam Zimmerman <mutexlox@chromium.org>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Generalize file_sync into file_traits so that we can add another
wrapper, this time for the set_len() method implemented directly on
File. This will also be implemented on QcowFile.
BUG=chromium:858815
TEST=build_test
Change-Id: I43fbd1968a844c8cac359973a63babcc26942204
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1394148
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Split sub-crates under crosvm root directory into several independent
workspaces for adding ebuild files for those crates.
data_model and sys_util could only be built by emerge after creating
their ebuilds.
BUG=chromium:916921
TEST='emerge-eve crosvm'
TEST=Run 'cargo build' under crosvm directory
Change-Id: I2dddbbb7c7344e643183a5885e867f134b299591
Reviewed-on: https://chromium-review.googlesource.com/1385972
Commit-Ready: Chih-Yang Hsia <paulhsia@chromium.org>
Tested-by: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Every implementation of Fn also implements FnMut, so if some callback
can be passed to GuestMemory::with_regions then it could also have been
passed to GuestMemory::with_regions_mut.
This CL removes GuestMemory::with_regions and renames with_regions_mut
to with_regions.
TEST=cargo check
Change-Id: Ia4f168ff4eb4d45a5ee8f9413821ae244fb72ee1
Reviewed-on: https://chromium-review.googlesource.com/1378688
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
We updated the production toolchain from 1.30 to 1.31 in CL:1366446.
This CL does the same upgrade for the local developer toolchain and
Kokoro.
The relevant changes are in rust-toolchain and kokoro/Dockerfile.
The rest are from rustfmt.
TEST=cargo fmt --all -- --check
TEST=as described in kokoro/README.md
Change-Id: I3b4913f3e237baa36c664b4953be360c09efffd4
Reviewed-on: https://chromium-review.googlesource.com/1374376
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Add the minimal amount of functionality needed for audio threads that
need to run with real time priority.
Change-Id: I7052e0f2ba6b9179229fc4568b332952ee32f076
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1366542
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
This CL removes 300 lines of parsing code and 200 lines of tests of
parsing code by using the parsers provided by Syn, which we already use
in implementing our other custom derives.
TEST=cargo test poll_token_derive
TEST=cargo check crosvm
Change-Id: Ie2743b1bbb1b374326f9845fc37fc578b178c53d
Reviewed-on: https://chromium-review.googlesource.com/1365112
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This CL adds a crate `sync` containing a type sync::Mutex which wraps
the standard library Mutex and mirrors the same methods, except that
they panic where the standard library would return a PoisonError. This
API codifies our error handling strategy around poisoned mutexes in
crosvm.
- Crosvm releases are built with panic=abort so poisoning never occurs.
A panic while a mutex is held (or ever) takes down the entire process.
Thus we would like for code not to have to consider the possibility of
poison.
- We could ask developers to always write `.lock().unwrap()` on a
standard library mutex. However, we would like to stigmatize the use
of unwrap. It is confusing to permit unwrap but only on mutex lock
results. During code review it may not always be obvious whether a
particular unwrap is unwrapping a mutex lock result or a different
error that should be handled in a more principled way.
Developers should feel free to use sync::Mutex anywhere in crosvm that
they would otherwise be using std::sync::Mutex.
TEST=boot linux
Change-Id: I9727b6f8fee439edb4a8d52cf19d59acf04d990f
Reviewed-on: https://chromium-review.googlesource.com/1359923
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Hopefully the changes are self-explanatory and uncontroversial. This
eliminates much of the noise from `cargo clippy` and, for my purposes,
gives me a reasonable way to use it as a tool when writing and reviewing
code.
Here is the Clippy invocation I was using:
cargo +nightly clippy -- -W clippy::correctness -A renamed_and_removed_lints -Aclippy::{blacklisted_name,borrowed_box,cast_lossless,cast_ptr_alignment,enum_variant_names,identity_op,if_same_then_else,mut_from_ref,needless_pass_by_value,new_without_default,new_without_default_derive,or_fun_call,ptr_arg,should_implement_trait,single_match,too_many_arguments,trivially_copy_pass_by_ref,unreadable_literal,unsafe_vector_initialization,useless_transmute}
TEST=cargo check --features wl-dmabuf,gpu,usb-emulation
TEST=boot linux
Change-Id: I55eb1b4a72beb2f762480e3333a921909314a0a2
Reviewed-on: https://chromium-review.googlesource.com/1356911
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
