mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2025-02-11 04:26:38 +00:00
eb9e563e4d
A listener is responsible for managing and cleaning up its own resources, but this can cause problems when jailing device processes. Typically, the listener is created in the parent thread and then passed to the device thread so the device thread does not require the capabilities to allocate the listener's resources. However, when cleanup time comes, the listener in the child is still responsible for destroying the resources created by the parent, which may require extra capabilities. For instance, for a vhost-user socket the listener is expected to remove the socket file, but we don't necessarily want the child to be able to remove files from the filesystem... Fix this by adding a new method, take_parent_process_resources(), that can be called prior to creating the child process by the parent in order to obtain the resources that the parent needs to cleanup when the child process exits. The resources are presented in the form of an opaque box and must be kept by the parent until the child process exits. After that, dropping the box will free the resources that we don't want the child to clean up. If we are not creating a child process, then the method is simply not called and the listener will cleanup the resources itself. BUG=b:218223240 TEST=vhost-user console device gets properly cleaned up. Change-Id: I7b8c4b700a868f4fd100c45f0e577fddfe8bb216 Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3762972 Reviewed-by: Morg <morg@chromium.org> Tested-by: Alexandre Courbot <acourbot@chromium.org> Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org> |
||
|---|---|---|
| .. | ||
| .buildkite | ||
| .cargo | ||
| .github | ||
| docs | ||
| src | ||
| .gitignore | ||
| .gitmodules | ||
| Cargo.toml | ||
| CODEOWNERS | ||
| LICENSE | ||
| LICENSE-BSD-3-Clause | ||
| LICENSE-BSD-Chromium | ||
| README.md | ||
vHost
A pure rust library for vhost-user. This is a fork of rust-vmm/vhost.
The vhost-user protocol aims to implement vhost backend drivers in userspace, which complements the ioctl interface used to control the vhost implementation in the Linux kernel. It implements the control plane needed to establish virtqueue sharing with a user space process on the same host. It uses communication over a Unix domain socket to share file descriptors in the ancillary data of the message.
The protocol defines two sides of the communication, master and slave. Master is the application that shares its virtqueues, slave is the consumer of the virtqueues. Master and slave can be either a client (i.e. connecting) or server (listening) in the socket communication.