authorChirantan Ekbote <chirantan@chromium.org>2018-04-16 19:32:04 -0700
committerchrome-bot <chrome-bot@chromium.org>2018-08-08 13:45:44 -0700
commitebd56813e189de4a2d2bad2699bc07b56e580035 (patch)
treea890b6c34c5c3cc36864560cc22f0ab84c3f5ecb /seccomp
parenta79073ad7d244b45bca5ba0c5ddf92b04827fc24 (diff)
virtio: Implement the 9P device
Implement a new virtio_9p device for sharing host directories with the
guest VM.

BUG=chromium:703939
TEST=mount inside a VM and run `bonnie++ -r 256`
Append the shared directory to the crosvm command line:
--shared-dir /path/to/dir:test_9p
Then mount in the guest:
mkdir /tmp/9p
mount -t 9p -o trans=virtio test_9p /tmp/9p -oversion=9p2000.L
Or for a 9p root:
run --shared-dir /mnt/vm_root:/dev/root -p 'root=/dev/root ro rootflags=ro,trans=virtio,version=9p2000.L,cache=loose rootfstype=9p' vmlinux.bin

CQ-DEPEND=CL:1065170

Change-Id: I41fc21306ab5fa318a271f172d7057b767b29f31
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1065173
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Diffstat (limited to 'seccomp')
-rw-r--r--seccomp/aarch64/9p_device.policy54
-rw-r--r--seccomp/x86_64/9p_device.policy54
2 files changed, 108 insertions, 0 deletions
diff --git a/seccomp/aarch64/9p_device.policy b/seccomp/aarch64/9p_device.policy
new file mode 100644
index 0000000..238fb87
--- /dev/null
+++ b/seccomp/aarch64/9p_device.policy
@@ -0,0 +1,54 @@
+# Copyright 2018 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+write: 1
+recv: 1
+read: 1
+epoll_wait: 1
+pread64: 1
+pwrite64: 1
+lstat64: 1
+stat64: 1
+close: 1
+prctl: arg0 == PR_SET_NAME
+open: 1
+fstat64: 1
+# ioctl(fd, FIOCLEX, 0) is equivalent to fcntl(fd, F_SETFD, FD_CLOEXEC).
+ioctl: arg1 == FIOCLEX
+getdents64: 1
+fdatasync: 1
+fsync: 1
+# Disallow mmap with PROT_EXEC set.  The syntax here doesn't allow bit
+# negation, thus the manually negated mask constant.
+mmap2: arg2 in 0xfffffffb
+mprotect: arg2 in 0xfffffffb
+sigaltstack: 1
+munmap: 1
+mkdir: 1
+rmdir: 1
+epoll_ctl: 1
+rename: 1
+writev: 1
+link: 1
+unlink: 1
+restart_syscall: 1
+exit: 1
+rt_sigreturn: 1
+epoll_create1: 1
+sched_getaffinity: 1
+dup: 1
+# Disallow clone's other than new threads.
+clone: arg0 & 0x00010000
+set_robust_list: 1
+exit_group: 1
+socket: arg0 == AF_UNIX
+futex: 1
+eventfd2: 1
+mremap: 1
+# Allow MADV_DONTDUMP and MADV_DONTNEED only.
+madvise: arg2 == 0x00000010 || arg2 == 0x00000004
+utimensat: 1
+ftruncate64: 1
+fchown: arg1 == 0xffffffff && arg2 == 0xffffffff
+statfs64: 1
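Review bot: The syscall names in this aarch64 policy — `stat64`, `lstat64`, `fstat64`, `mmap2`, `ftruncate64`, `statfs64`, `recv`, and the non-`*at` path calls `open`, `mkdir`, `rmdir`, `rename`, `link`, `unlink` — are from the 32-bit ARM syscall table; the arm64 table (asm-generic) has `fstat`, `mmap`, `ftruncate`, `statfs`, `recvfrom` and only the `*at` forms of the path calls. If minijail resolves these names against a 64-bit ABI they presumably fail to compile rather than silently widen the filter, so this reads as a directory-name/ABI mismatch or an intentional 32-bit-userspace target, but a reader cannot tell which. A header comment would prevent someone later "fixing" the names for arm64 or copying them into a true 64-bit policy: `# Syscall names follow the 32-bit ARM ABI (mmap2, stat64, ...); a 64-bit aarch64 userspace needs mmap/fstat/ftruncate/statfs and the *at path calls.` The `fchown: arg1 == 0xffffffff && arg2 == 0xffffffff` line would also benefit from a one-line comment stating that it only admits `fchown(fd, -1, -1)`, a no-ownership-change call.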
diff --git a/seccomp/x86_64/9p_device.policy b/seccomp/x86_64/9p_device.policy
new file mode 100644
index 0000000..d161b5c
--- /dev/null
+++ b/seccomp/x86_64/9p_device.policy
@@ -0,0 +1,54 @@
+# Copyright 2018 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+write: 1
+writev: 1
+recvfrom: 1
+epoll_wait: 1
+read: 1
+pwrite64: 1
+stat: 1
+lstat: 1
+close: 1
+open: 1
+fstat: 1
+# ioctl(fd, FIOCLEX, 0) is equivalent to fcntl(fd, F_SETFD, FD_CLOEXEC).
+ioctl: arg1 == FIOCLEX
+link: 1
+unlink: 1
+rename: 1
+pread64: 1
+getdents: 1
+# Disallow mmap with PROT_EXEC set.  The syntax here doesn't allow bit
+# negation, thus the manually negated mask constant.
+mmap: arg2 in 0xfffffffb
+mprotect: arg2 in 0xfffffffb
+munmap: 1
+mkdir: 1
+sigaltstack: 1
+epoll_ctl: 1
+mremap: 1
+rmdir: 1
+fsync: 1
+fdatasync: 1
+restart_syscall: 1
+exit: 1
+rt_sigreturn: 1
+epoll_create1: 1
+prctl: arg0 == PR_SET_NAME
+eventfd2: 1
+sched_getaffinity: 1
+dup: 1
+getpid: 1
+# Disallow clone's other than new threads.
+clone: arg0 & 0x00010000
+set_robust_list: 1
+exit_group: 1
+# Allow MADV_DONTDUMP and MADV_DONTNEED only.
+madvise: arg2 == 0x00000010 || arg2 == 0x00000004
+futex: 1
+utimensat: 1
+ftruncate: 1
+fchown: arg1 == 0xffffffff && arg2 == 0xffffffff
+statfs: 1
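Review bot: The `fchown: arg1 == 0xffffffff && arg2 == 0xffffffff` rule admits only `fchown(fd, -1, -1)`, a call that changes no ownership, but nothing explains why the device needs it, and the guard is easy to loosen in a later edit without noticing what it encodes; a comment such as `# Only fchown(fd, -1, -1): no ownership change (presumably to drop setuid/setgid bits after a write) -- confirm against the 9p server` would pin the intent. Separately, this x86_64 list has no `socket` entry while the aarch64 policy allows `socket: arg0 == AF_UNIX`, and it adds `getpid` that the aarch64 list lacks; if both builds run the same device code, one of the two lists is either over-permissive or will have a call denied on a path the `bonnie++` test in the description does not exercise. Noting the reason for each divergence next to the affected line would make the two policies reviewable side by side.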