mirrors/crosvm
1
0
Fork 0
mirror of https://chromium.googlesource.com/crosvm/crosvm synced 2025-01-12 16:45:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
No description
25 commits 607 branches 2 tags 230 MiB
Rust 95.6%
Python 1.9%
C 1.7%
Shell 0.5%
Find a file
Zach Reizner c1c23a86e1 crosvm: add child process device proxy 
The purpose of the child process is to enable an extra layer of
isolation between the emulated devices, which have to deal with much
more untrusted guest memory, and the main process which has access to
the kernel's KVM ioctls.

BUG=None
TEST=None

Change-Id: I13c1fcf29e6da88a8a390e1cb174915fa2d86596
Reviewed-on: https://chromium-review.googlesource.com/514685
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
2017-06-01 23:49:24 -07:00
io_jail io_jail: Add a wrapper around minijail 2017-05-25 12:25:27 -07:00
kernel_loader sys_util: Add guest_memory 2017-05-25 22:51:14 -07:00
kvm sys_util: Add guest_memory 2017-05-25 22:51:14 -07:00
kvm_sys kvm-sys: rename to kvm_sys 2017-05-02 05:20:27 -07:00
src/hw crosvm: add child process device proxy 2017-06-01 23:49:24 -07:00
sys_util sys_util: Add guest_memory 2017-05-25 22:51:14 -07:00
syscall_defines syscall_defines: Add linux syscall defines. 2017-05-29 21:49:05 -07:00
x86_64 x86_64: Remove extra closure args and double-derefs 2017-05-29 21:49:05 -07:00
.gitignore Add editor temp files to .gitignore 2017-05-02 05:20:26 -07:00
LICENSE add LICENSE and README 2017-04-17 14:06:21 -07:00
README.md add LICENSE and README 2017-04-17 14:06:21 -07:00

README.md

Chrome OS KVM

This component, known as crosvm, runs untrusted operating systems along with virtualized devices. No actual hardware is emulated. This only runs VMs through the Linux's KVM interface. What makes crosvm unique is a focus on safety within the programming language and a sandbox around the virtual devices to protect the kernel from attack in case of an exploit in the devices.

Overview

The crosvm source code is organized into crates, each with their own unit tests. These crates are:

  • kvm-sys low-level (mostly) auto-generated structures and constants for using KVM
  • kvm unsafe, low-level wrapper code for using kvm-sys
  • crosvm the top-level binary front-end for using crosvm

Usage

Currently there is no front-end, so the best you can do is run cargo test in each crate.