In Rust 2018 edition, `extern crate` is no longer required for importing
from other crates. Instead of writing:
extern crate dep;
use dep::Thing;
we write:
use dep::Thing;
In this approach, macros are imported individually from the declaring
crate rather than through #[macro_use]. Before:
#[macro_use]
extern crate sys_util;
After:
use sys_util::{debug, error};
The only place that `extern crate` continues to be required is in
importing the compiler's proc_macro API into a procedural macro crate.
This will hopefully be fixed in a future Rust release.
extern crate proc_macro;
TEST=cargo check
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
TEST=local kokoro
Change-Id: I0b43768c0d81f2a250b1959fb97ba35cbac56293
Reviewed-on: https://chromium-review.googlesource.com/1565302
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Separated out of CL:1513058 to make it possible to land parts
individually while the affected crate has no other significant CLs
pending. This avoids repeatedly introducing non-textual conflicts with
new code that adds `use` statements.
TEST=cargo check
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
Change-Id: Id5f2c4f9005498e2357bec5878761c33d2bc3d8b
Reviewed-on: https://chromium-review.googlesource.com/1519697
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
The description method is deprecated and its signature forces less
helpful error messages than what Display can provide.
BUG=none
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
Change-Id: I27fc99d59d0ef457c5273dc53e4c563ef439c2c0
Reviewed-on: https://chromium-review.googlesource.com/1497735
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
When running in multiprocess mode, such as on a device, TPM state gets
placed in /run/vm/tpm.{pid} (e.g. /run/vm/tpm.22726) where pid is the
pid of the original crosvm process. The TPM simulator will write a
single file called NVChip of size 16384 bytes into this directory. The
directory and NVChip file will have uid and pid set to crosvm.
When running without multiprocess mode / without minijail / probably in
cros_sdk, TPM state is placed in /tmp/tpm-simulator as before. The
/run/vm directory is not present under cros_sdk.
Will follow up with a separate CL to remove the TPM state directory at
crosvm exit.
Tested by running the following on a grunt board (Barla) in dev mode:
sudo crosvm run \
--root rootfs.ext4 \
--socket crosvm.sock \
--seccomp-policy-dir seccomp \
--software-tpm \
-p init=/bin/bash \
-p panic=-1 \
vmlinux.bin
and confirming that /dev/tpm0 and /dev/tpmrm0 are present in the VM.
BUG=chromium:921841
TEST=manual testing on grunt
Change-Id: I1868896b9eb6f510d8b97022ba950b3604d9d40b
Reviewed-on: https://chromium-review.googlesource.com/1496910
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
I have been running into Debug-printed error messages too often and
needing to look up in the source code each level of nested errors to
find out from the comment on the error variant what the short name of
the variant means in human terms. Worse, many errors (like the one shown
below) already had error strings written but were being printed from the
calling code in the less helpful Debug representation anyway.
Before:
[ERROR:src/main.rs:705] The architecture failed to build the vm: NoVarEmpty
After:
[ERROR:src/main.rs:705] The architecture failed to build the vm: /var/empty doesn't exist, can't jail devices.
TEST=cargo check --all-features
TEST=FEATURES=test emerge-amd64-generic crosvm
Change-Id: I77122c7d6861b2d610de2fff718896918ab21e10
Reviewed-on: https://chromium-review.googlesource.com/1469225
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
This plumbs in minijail_mount_dev() to allow mounting minimal set of
devices, such as full, zero, urandom, etc. in the jail.
BUG=b:117989168
TEST=cargo test -p io_jail
Change-Id: I072347a5eedab32d1fad6255c4e18e0242b9ac9f
Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1447330
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Hopefully the changes are self-explanatory and uncontroversial. This
eliminates much of the noise from `cargo clippy` and, for my purposes,
gives me a reasonable way to use it as a tool when writing and reviewing
code.
Here is the Clippy invocation I was using:
cargo +nightly clippy -- -W clippy::correctness -A renamed_and_removed_lints -Aclippy::{blacklisted_name,borrowed_box,cast_lossless,cast_ptr_alignment,enum_variant_names,identity_op,if_same_then_else,mut_from_ref,needless_pass_by_value,new_without_default,new_without_default_derive,or_fun_call,ptr_arg,should_implement_trait,single_match,too_many_arguments,trivially_copy_pass_by_ref,unreadable_literal,unsafe_vector_initialization,useless_transmute}
TEST=cargo check --features wl-dmabuf,gpu,usb-emulation
TEST=boot linux
Change-Id: I55eb1b4a72beb2f762480e3333a921909314a0a2
Reviewed-on: https://chromium-review.googlesource.com/1356911
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This is needed to make sure seccomp work with glibc 2.27
BUG=chromium:897477
TEST=None
Change-Id: I101aa07bffd8db2b449be1a697dafcd7d6f1cb58
Reviewed-on: https://chromium-review.googlesource.com/1294729
Commit-Ready: Yunlian Jiang <yunlian@chromium.org>
Tested-by: Yunlian Jiang <yunlian@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Now that cargo fmt has landed, run it over everything at once to bring
rust source to the standard formatting.
TEST=cargo test
BUG=None
Change-Id: Ic95a48725e5a40dcbd33ba6d5aef2bd01e91865b
Reviewed-on: https://chromium-review.googlesource.com/1259287
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
While fixing an unrelated bug in mosys' copy of this file, I found this
typo.
BUG=None
TEST=PreCQ
Change-Id: Icbb48864ad890fcd4f83c28203d187fcfdc648cc
Reviewed-on: https://chromium-review.googlesource.com/1194599
Tested-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
The exec version of Minijail::fork is useful for running the heavily
sandboxed plugin process which is always passed in as a separate
executable by path.
TEST=./build_test
BUG=chromium:800626
Change-Id: Id31b7998f49d56a5bfbc978c1e1811dd54c5a323
Reviewed-on: https://chromium-review.googlesource.com/882130
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Add support for minijail_mount and minijail_mount_with_data. This will
be used by the jail for the wayland device.
BUG=none
TEST=filesystem is mounted inside the jail
Change-Id: I6ad9933d057e7642a7551a6a316ff65d3b95a9dd
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/851412
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
There were remnants of using `minijail_enter`, switch them to
`minijail_fork`.
Change-Id: I5c695cbc3bfd6868f25f46f785a2f96391744d90
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/759598
Reviewed-by: Stephen Barber <smbarber@chromium.org>
This also updates the `build_test.py` to use the command line option to
run certain certain test modules serially.
TEST=./build_test
BUG=None
Change-Id: I8a498514cb6b89fab01f02d0ef8faf39629f717c
Reviewed-on: https://chromium-review.googlesource.com/748824
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Using minijail_fork removes the need to manage user and pid namespace
explicitly in crosvm and removes some parent/child synchonization
requirements too.
Change-Id: I47f9d39527d0a3ccf625600e9bfc2cccc3cb27ca
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/719443
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Running crosvm in multiprocess mode includes setting up an io_jail for
each device and it can very often fail due to problems in the
enviroment, such as missing policy files or lack of privilege. The auto
generated debug error messages were not very good (based on initial user
feedback) and so this CL implements display to help make the errors more
understandable when they are printed.
BUG=None
TEST=./build_test
Change-Id: If51c00e60abb9b0d482515fa1e401f2fa6fb9e8f
Reviewed-on: https://chromium-review.googlesource.com/649950
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Jason Clinton <jclinton@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
parse_seccomp_filters in libminijail will unhelpfully abort() if the
path doesn't exist. Check that the policy file exists so that there's
a semi-useful error message.
BUG=none
TEST=crosvm run without seccomp policy in current directory; no abort
Change-Id: Ie1123e8cae3f6a27bbd5a3128161364401e8d4b2
Signed-off-by: Stephen Barber <smbarber@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/585829
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This will be used by some device jails to get access to unix sockets
after being jailed.
TEST=None
BUG=None
Change-Id: I870bfb155b275769ccb3248b1441e7c0b8f20ad7
Reviewed-on: https://chromium-review.googlesource.com/558447
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The FDs for stdin, stdout, and stderr shouldn't be left empty. Just
closing these FDs causes the next open() call from the jailed process to
reuse the 0, 1, or 2 FD. This confuses basic infrastructure like
println!.
Change-Id: I40ea471b4a011f2be5132e1a0ff50656ae2ec14a
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/549659
The io_jail is used to jail io processes run from crosvm. Under the hood
it mostly configures a minijail jail to run in. The minijail
restrictions are applied when iojail::enter is called. This closes
extra FDs and calls minijail_enter.
The minijail_run* functions are left out as we don't have a need to exec
foreign programs. libminijail will be used to jail separate processes
spawned from the main crosvm process.
The ability to close all open file descriptors is added. Minijail only
closes FDs after forking and before exec.
Change-Id: Ida7f52022c934e9e6edeb7b604cd6e6399860cb9
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/505100
Reviewed-by: Zach Reizner <zachr@chromium.org>
