diff options
| author | Jorge E. Moreira <jemoreira@google.com> | 2019-01-14 18:44:49 -0800 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2019-02-01 06:21:08 -0800 |
| commit | dffec507fba14da82b914c9c195df324360e9e28 (patch) | |
| tree | 36906570c97e639a495beb38bb8ac1f8cd6043f2 /seccomp/arm | |
| parent | 5329be3634547fe383aff7981854484088e6a622 (diff) | |
| download | crosvm-dffec507fba14da82b914c9c195df324360e9e28.tar crosvm-dffec507fba14da82b914c9c195df324360e9e28.tar.gz crosvm-dffec507fba14da82b914c9c195df324360e9e28.tar.bz2 crosvm-dffec507fba14da82b914c9c195df324360e9e28.tar.lz crosvm-dffec507fba14da82b914c9c195df324360e9e28.tar.xz crosvm-dffec507fba14da82b914c9c195df324360e9e28.tar.zst crosvm-dffec507fba14da82b914c9c195df324360e9e28.zip | |
Adds Virtio-Input device simulation
This allows decoupling input from the wayland socket while using a standard virtio device for it. The proposed virtio input spec can be found at https://www.kraxel.org/virtio/virtio-v1.0-cs03-virtio-input.pdf, it has already been implemented in qemu and (guest) kernel support exists since version 4.1. This change adds the following options to crosvm: --evdev: Grabs a host device and passes it through to the guest --<device>: Creates a default configuration for <device>, receives the input events from a unix socket. <device> can be 'keyboard', 'mouse' or 'trackpad'. Bug=chromium:921271 Test=booted on x86 linux and manually tried virtio-input devices Change-Id: I8455b72c53ea2f431009ee8140799b0797775e76 Reviewed-on: https://chromium-review.googlesource.com/1412355 Commit-Ready: Jorge Moreira Broche <jemoreira@google.com> Tested-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Zach Reizner <zachr@chromium.org> Reviewed-by: Dylan Reid <dgreid@chromium.org>
Diffstat (limited to 'seccomp/arm')
| -rw-r--r-- | seccomp/arm/input_device.policy | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/seccomp/arm/input_device.policy b/seccomp/arm/input_device.policy new file mode 100644 index 0000000..877f80e --- /dev/null +++ b/seccomp/arm/input_device.policy @@ -0,0 +1,37 @@ +# Copyright 2019 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +close: 1 +dup: 1 +dup2: 1 +exit_group: 1 +futex: 1 +# Disallow mmap with PROT_EXEC set. The syntax here doesn't allow bit +# negation, thus the manually negated mask constant. +mmap: arg2 in 0xfffffffb +mprotect: arg2 in 0xfffffffb +# Allow MADV_DONTDUMP only. +madvise: arg2 == 0x00000010 +munmap: 1 +read: 1 +recvfrom: 1 +sched_getaffinity: 1 +set_robust_list: 1 +sigaltstack: 1 +# Disallow clone's other than new threads. +clone: arg0 & 0x00010000 +write: 1 +eventfd2: 1 +poll: 1 +ppoll: 1 +getpid: 1 +# Allow PR_SET_NAME only. +prctl: arg0 == 15 +restart_syscall: 1 +epoll_create1: 1 +epoll_ctl: 1 +epoll_wait: 1 +ioctl: 1 +fcntl: 1 +getsockname: 1 |