| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change adds supports for providing pre-compiled bpf files as the policy
file for jailing. In short it's more effient to compile once on the
build machine than each time at runtime. Additionally libminijail's
support for more efficient bpfs (which use a binary tree instead of
a linear search) is currently only available via tools that are based
around pre-compiled use.
BUG=None
TEST=Ran build_test and verified that tests can pass with both bpf and
policy files (though the tests might only exercise the jail for the
plugin).
Change-Id: Idd93e3c802fc79da93850d6bad1db660576bc9ba
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1914416
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Deref trait is usually only implemented by smart pointers or by
trivial wrappers around the underlying type. MsgSocket does not fit into
either category because it wraps a `UnixSeqPacket` to provide new
functionality. Having it implement can lead to confusing error messages,
especially for people who are new to rust and are not familiar with the
Deref trait and Deref coercion.
For example, calling `sock.send()` on a MsgSocket without first adding
`use msg_socket::MsgSender` leads to the compiler complaining about
mis-matched types for the `send` method. `UnixSeqPacket::send` expects a
`&[u8]` while `MsgSocket::send` expects a `&M`. The compiler also gives
no clues that it is implicitly coercing the socket to a `&UnixSeqPacket`
and using the `send` method from there.
Drop the `Deref` implementation. `MsgSocket` already implements
`AsRef<UniqSeqPacket>` so anything that _needs_ to access the underlying
`UnixSeqPacket` should just use that.
BUG=none
TEST=unit tests
Change-Id: If02ef7173ae21d85d517e808489ed4d6d09ae90b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2002997
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We are inconsistent in when we print errors to stdout versus strerr and
syslog, with argument parsing errors from "crosvm run" subcommand only
logged to stdout whereas other types of errors going to stederr/syslog.
Let's make sure argument parsing errors will be logged to stderr/syslog as
well, otherwise it is very confusing to analyze crosvm failures when
started by VM concierge as it does not dump crosvm stdout/stderr anywhere.
BUG=None
TEST=Try "crosvm run" with bad arguments when syslog is available,
see error messages in syslog.
Change-Id: Ie7a284f4a604716ecc655c5a38ec2147b55d63a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2002677
Commit-Queue: Dmitry Torokhov <dtor@chromium.org>
Tested-by: Dmitry Torokhov <dtor@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adds a stub display that emulates a display without actually
displaying contents anywhere.
This is needed for transitioning Cuttlefish to always using minigbm
as its gralloc implementation. Cuttlefish currently uses a custom
gralloc and hwcomposer implementation when running without hardware
acceleration. The Cuttlefish team would like to start with removing
our custom gralloc implementation and use minigbm. For this, we need
to add a virtio 2D backend to crosvm. Our hwcomposer implementation
currenlly sends framebuffers from the guest to the host via sockets.
The gpu backend still requires a display so we need a stub display
to use with the 2D backend for the period of time while we are
either still using our hwcomposer implementation or until our
hwcomposer implementation is updated to use the virtio backend for
display.
BUG=b:123764798
BUG=chromium:1033787
TEST=built and launched with Cuttlefish locally
Change-Id: I1a7e259d914a53252200c59589c4142e76c6b96b
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1993947
Reviewed-by: Gurchetan Singh <gurchetansingh@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Jason Macnak <natsu@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With command "version", we can dump version information via "crosvm version".
By default it would dump the version specified in Cargo.toml like following:
"crosvm package version 0.1.0".
And if the environment varable "PKG_VERSION=123456" is given during building crosvm,
it would dump followed by a package version, like following:
"crosvm package version 0.1.0-123456".
Sometimes, we need to know which exact version does a crosvm binary come
from for developing and testing. It is useful if the git sha is built-in a
crosvm binary.
BUG=none
TEST=PKG_VERSION=xxxxxx Cargo build && crosvm version
TEST=PKG_VERSION=xxxxx emerge-eve crosvm && crosvm version
TEST=./bin/fmt
TEST=./bin/clippy
TEST=./build_test.py --x86_64-sysroot /build/eve
no errors reported and all behavor is as expected.
v2: Refine version info.
Change-Id: I89686dbe6ab2888d8a6ce5752a37241b4c00160d
Signed-off-by: Yi Sun <yi.sun@intel.corp-partner.google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1989256
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The only device that used user_command was Serial. This change makes
Serial device use a thread to read from its input instead of using
user_command.
BUG=chromium:1033787
TEST=./build_test
run crosvm with stdio serial with and without sandbox
Change-Id: Ia0f2ee83d94ad2fee3f1f4f89aa734b976e33507
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1966435
Tested-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
Auto-Submit: Zach Reizner <zachr@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux commit 7ea6216049ff9cf250a6722cd766d99c8d1424e5 "mm/sparsemem: prepare
for sub-section ranges" added validation of memory region sizes for hotplugging.
This requires alignment of the region to 2MiB, which can be done with a
MemoryMappingArena that will pad the end of the region with read-only pages.
BUG=chromium:1031408
TEST=crostini.Sanity.artifact with 5.4 guest kernel
Change-Id: I526f23a5ef32edd3268cd23f010e2bc20f9c305a
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1979257
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Stephen Barber <smbarber@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Guest can specify which socket it wants to connect by passing a
parameter to VIRTWL_IOCTL_NEW_CTX_NAMED.
Even after this CL, only the unnamed wayland socket is used for composition.
Additional sockets are used for IPC purpose (e.g. camera).
BUG=b:146100044
TEST=Camera works
Cq-Depend: chromium:1962108
Change-Id: Ibd8efbae1b2177cc0381d88d151643183c31b519
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1963412
Tested-by: Ryo Hashimoto <hashimoto@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Commit-Queue: Ryo Hashimoto <hashimoto@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move qcow from being its own crate into a module of the disk crate,
similar to the composite disk module.
This will allow use of qcow from disk and vice versa without introducing
a circular crate dependency.
BUG=None
TEST=./build_test.py
TEST=USE='asan fuzzer' emerge-nami crosvm
Change-Id: I77512bbe4b94faff1b5460f9796ee56505135580
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1972477
Reviewed-by: Cody Schuffelen <schuffelen@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Breakpad requires /proc, so let's mount it (as read only) into plugin
jail. We can't initiate it from concierge as concierge can only pass
bind mounts to crosvm, whereas here we need to mount or own copy of
/proc that reflects out own namespace(s).
BUG=None
TEST=Run Plugin VM, check /proc of the plugin process.
Cq-Depend: 1982695
Change-Id: I5d673e3c8733a61afc5986f9bf110b05c45bbdce
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1982820
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Dmitry Torokhov <dtor@chromium.org>
Commit-Queue: Dmitry Torokhov <dtor@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=chromium:1021609
TEST=emerge-sand crosvm
Change-Id: I9658d3816cc846be2b6320f2f03036375de67cbe
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1979532
Tested-by: Allen Webb <allenwebb@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Allen Webb <allenwebb@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We may be in state of waiting for the value for the parameter, and run
out of the parameters. In this case we should try to parse the parameter
as if it does not have a value and see if that succeeds.
This makes sure that
crosvm run ... --plugin-mount
fails with error that --plugin-mount option needs a value instead of
succeeding.
BUG=None
TEST=cargo test
Change-Id: I9f3f1f3c7e6e2ca88efed1eeea5a52dd4aae70ef
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1975097
Reviewed-by: Dmitry Torokhov <dtor@chromium.org>
Tested-by: Dmitry Torokhov <dtor@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dmitry Torokhov <dtor@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When parsing arguments in form of "--parameter <value>", because it is
yet unclear whether the parameter needs a value or not, we first try to
parse it together with the next argument, and if that fails, try to
parse it standalone. If both fail, then we should take the error from
the first one, as it is more informative. This way, doing
crosvm run --plugin ... --plugin-mount bin --plugin-mount lib
will fail with error that "bin is not absolute path" and not that value
is missing for "--plugin-mount".
BUG=None
TEST=cargo test
Change-Id: Icc3bb0fcab4fb90e38eff3d116679091b598120d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1975096
Commit-Queue: Dmitry Torokhov <dtor@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As it turns out trim_end_matching() does not do what I expected (namely
trim the string when it encounters matching substring) but rather
expects to remove exactly matching suffix, so it actually fails to
remove comments. Let's switch to using splitn() that does what I want.
BUG=b:144454617
TEST=Run Plugin VM
Change-Id: Ibe8cd14d9d3c14ff99dd9abfa8f286e452d96913
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1975095
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Dmitry Torokhov <dtor@chromium.org>
Commit-Queue: Dmitry Torokhov <dtor@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FailEntry indicates an arch-specific failure to enter a VM. Treat this as
fatal to the vcpu.
Pass the u64 hardware failure reason from the kvm_run struct up to the client.
BUG=chromium:1036009
TEST=crosvm on hatch nested VM dies immediately instead of infinite looping
Change-Id: Iecb279b5b08ae1edc085717dce65e3ca46cbd30e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1977221
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Commit-Queue: Stephen Barber <smbarber@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's allow shorthand notation in the form of:
--plugin-mount=<src>[:[<dst>][:<writable>]]
--plugin-gid-map=<inner>[:[<outer>][:<count>]]
so that we can invoke crosvm as
crosvm ... --plugin-mount=/bin --plugin-mount=/dev/log::true \
--plugin-gid-map=123 --plugin-gid-map=567::5
as repeating the data for both src and destination muddies the waters
and is prone to errors.
BUG=None
TEST=cargo test
Change-Id: I6f0a075ea3b27d4ec3dcf88698069930c158e759
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1967786
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dmitry Torokhov <dtor@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
List of bind-mounts and gid maps can be quite long, so let's allow
listing them in text files, when convenient.
BUG=b:144454617
TEST=Run Plugin VM
Change-Id: I1218dab5a7e87b9f1ba44de6828da890fddb99fe
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1967785
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dmitry Torokhov <dtor@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to support specifying list of bind-mounts and gid maps options
via files, factor out the parsing code.
BUG=b:144454617
TEST=Run Plugin VM
Change-Id: I772116cd77827ef722559e9fce450235fdbf6478
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1967784
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Commit-Queue: Dmitry Torokhov <dtor@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=b:134086390
TEST=built crosvm and booted cuttlefish locally with gpu
Change-Id: I4d816ddb52a2eadd06088d204d95118289a3f587
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1927873
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: Jason Macnak <natsu@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Jason Macnak <natsu@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
BUG=chromium:1023975
TEST=./build_test
Change-Id: I10267e535d4d1dae90b2b5f30db046c388791a16
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1930409
Reviewed-by: Zach Reizner <zachr@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
Tested-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows overriding the default logical block size (512 bytes) with
other values, such as 4096 for 4K block size disks.
BUG=chromium:942700
TEST=crosvm run -r vm_rootfs,block_size=4096 vm_kernel
TEST=verify block size with lsblk --output-all
Change-Id: Ia6db05f369a76557a2afb8b48b5cc2b66cf84b01
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1954220
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We don't use it for ARCVM now.
BUG=None
TEST=`emerge-eve crosvm`
Change-Id: I14343a2eb24c24a0216950b7c4eeb56ac482973e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1958569
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Lepton Wu <lepton@chromium.org>
Auto-Submit: Lepton Wu <lepton@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new type `RunnableVcpu` for a vcpu that is bound to a thread. This
adds type safety to ensure that vcpus are only ever run on one thread
because RunnableVcpu can't `Send`. It also ensures multiple vcpus can't
run on the same thread.
Change-Id: Ia50dc127bc7a4ea4ce3ca99ef1062edbcaa912d0
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1898909
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change enables Cuttlefish to run with a user specified display size on top
of virtio gpu accelerated graphics rendering.
This change makes the width and height an argument/flag and adds the necessary
plumbing to pass this width and height through the gpu backend.
BUG=b:134086390
TEST=built crosvm and booted cuttlefish locally
Change-Id: Idabf7ef083b2377e3ebf3b50dd0296f4bf7e8ddc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1927872
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Jason Macnak <natsu@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't use /proc/sys/fs/file-max when setting the max open file limit for
the virtio-fs device. This will fail when the value is larger than the
hard limit set for the crosvm process, unless it also has CAP_SYS_ADMIN
in the initial namespace.
Instead, just use the hard limit as returned by `prlimit64`. Increasing
the soft limit up to the hard limit is allowed even for completely
unprivileged processes. It is up to the process that spawned crosvm to
ensure that the hard limit is high enough that the virtio-fs server will
not run out of fds.
BUG=b:142344095
TEST=Start a termina VM with a virtio-fs device after applying
CL:1939193
Change-Id: I4fb4c33ffe6378ed3109fddcb0fc2bf3da850252
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1957767
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
... to allow for specifying either '--gpu' to get default params or
'--gpu=width=800,height=600,egl,surfaceless' to get custom params.
Note: this introduces some potential ambiguity if the flag_or_value
argument is the last arg specified before a positional argument.
For example, 'crosvm run --gpu something' could either be parsed
as a single value ('--gpu=something') or a flag and a positional
argument ('--gpu' and 'something'). This change currently expects
that the functor passed to set_arguments() will return an error
on '--gpu=something' in order to resolve the disambiguity.
BUG=b:134086390
TEST=built crosvm and booted cuttlefish locally
Change-Id: Ib9be604af82583a39d7bd0a403e2168ef7350389
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1929603
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Jason Macnak <natsu@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On systems where usize is 32 bits wide (e.g. 32-bit arm), the
calculation of memory_size in bytes based on the -m configuration option
in megabytes would silently overflow when the resulting value was wider
than 32 bits.
Change the shift that converts megabytes to bytes into a checked_mul so
that a suitable error is produced if the size overflows.
Additionally, change the cfg.memory type to u64 instead of usize; this
is representing a size in megabytes, so its maximum value isn't related
to the size of an object in memory anyway, and this avoids the need for
a cast in the memory_size calculation. Requesting a memory size larger
than the crosvm process can map will still result in an error at a later
stage in guest startup.
BUG=chromium:1028747
TEST=`crosvm run -m $((5 * 1024)) ...` on kevin
Change-Id: I8fef7070bab4dafff70ed54738b26d0bb7632150
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1937551
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
if device bar is mappable, map bar's gpa to hpa in EPT, guest vcpu
could access this bar directly through EPT without trapping. This
could improve performance.
vm.add_mmio_memory could help do this, here vfio_pci send
RegisterMmapMemory request through vm_control socket to do this.
BUG=chromium:992270
TEST=none
Change-Id: I3b4274372f7dcd32e18084d55f037b6fe45ed422
Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.corp-partner.google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1581147
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
All virtio devices can use the same generic calculation for number of
MSI-X vectors required: number of queues plus one for configuration
changes. Move this calculation to the VirtioPciDevice implementation
and remove the Option to unconditionally enable MSI-X support for all
PCI virtio devices.
BUG=chromium:854765
TEST=Verify all virtio interrupts in /proc/interrupts are PCI-MSI
Change-Id: I5905ab52840e7617b0b342ec6ca3f75dccd16e4d
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1925169
Reviewed-by: Zide Chen <zide.chen@intel.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The virtio-fs device opens a lot of fds and needs to have a pretty high
open file limit. In order for this to be successful on Chrome OS, the
parent process (concierge) also needs to have a very high open file
limit. This unfortunately has the side-effect of raising the open file
limit for _all_ crosvm devices.
Deal with this by setting the open file limit back down to a reasonable
value (1024) for all devices that use `create_base_minijail`. This was
the value of the open file limit for concierge before the increase.
BUG=b:142344095
TEST=Check /proc/<pid>/limits for various crosvm device processes and
see that they have the proper value for "Max open files".
Change-Id: I87e3fe62fe22e68bff5ba5b60d85d39060a111dd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1939527
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Even when run on Chrome OS, the crosvm process does not have enough
privilege to add the chronos user/group to the {u,g}idmap of the 9p
device process. This was never cleaned up because we don't use the 9p
device in crostini VMs (seneschal spawns 9s servers in a separate
process tree).
Remove all references to the chronos user/group and just do what the
other devices do: use the crosvm user/group if it exists or fall back to
the current euid/egid.
BUG=chromium:1028442
TEST=Add `--shared-dir` to the command line flags of a termina VM and
see that it starts properly
Change-Id: Iad4927d37c35709aee6e15f79b316eb88483458f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1935581
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
rlim_t is defined as an unsigned long but importantly, it is defined as
what the _kernel_ thinks is an unsigned long. This means that when you
have a 32-bit userspace and a 64-bit kernel (like we do for arm64
chromebooks), rlim_t is 64 bits.
This isn't really a problem for C and C++ code because they use the
headers from the kernel where rlim_t is properly sized but it doesn't
really work for rust. The libc crate defines rlim_t as an alias for
::std::os::raw::c_ulong, which leads to the rust compiler thinking that
it has a 32 bit width.
Hilarity ensues when you attempt to cross the rust -> C FFI barrier with
these conflicting definitions. The rust compiler thinks the parameters
can fit in 32 bit registers so it puts the `cur` parameter in r2 and the
`max` parameter in r3. On the other hand, the C code knows that the
parameters are 64-bit values and combines r2/r3 to create the 64-bit
`cur` value and uses the first 8 bytes on the stack as the `max` value.
This leads to a `cur` value that is way too large and a nonsensical
`max` value that depends on whatever happened to be on the stack at the
time.
Fix this by changing the library bindings to u64 and the
Minijail::set_rlimit parameters to rlim64_t. Once we add a method to
minijail that accepts rlim64_t's we can switch the library bindings to
use that as well.
BUG=b:136128319
TEST=`tast run vm.Virtiofs` on kevin
Change-Id: I8f58923c4768ecfe827d2a5d73c72dc778fe419c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1916560
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add x86_64 and arm seccomp policy files for the virtio-fs device.
BUG=b:136128319
TEST=Run a vm with a sandboxed virtio-fs device
Change-Id: I8ea7c5d3e90696077f0c2b1f942cb286a0b36cf4
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1916559
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Expand the `--shared-dir` option to allow callers to select between 9p
and virtio-fs for sharing directories.
BUG=b:136128319
TEST=start a VM with a virtio-fs based shared directory
Change-Id: Ie8afc1965b693805dd6000f0157786317aab060d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1705656
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Chirantan Ekbote <chirantan@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Extend the --disk option and other related options to allow a particular
disk to have the sparse operations (virtio-blk's discard command)
enabled or disabled.
By default, the sparse flag will be enabled for virtio-blk devices,
matching current behavior.
BUG=chromium:858815
TEST=Run `crosvm with --rwdisk file.img,sparse=false` and try to discard
Change-Id: Ib72c949711fbe869a3f444d7f929a80d0e039f72
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1906750
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
control_sockets.swap_remove() could cause host kernel to invoke
ep_remove() to remove the epoll item.
But it's called from the task work, and it could be deferred after
next poll_ctx.wait() which could unexpectedly pick up epoll events
from the already closed fd.
BUG=chromium:1019986
TEST=launch Crosvm guest from heavy loaded Linux host
Change-Id: I474a7a47a484e3acfae4383d61601e1553bd674f
Signed-off-by: Zide Chen <zide.chen@intel.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1917495
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since unified allocator is used to allocate mmio, this patch remove the
device memory name, and rename device to mmio.
BUG=chromium:992270
TEST=this patch doesn't change function, run build_test
Change-Id: I234b0db4b3c5de8cfee372ace5212a980564d0c7
Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.corp-partner.google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1895234
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Current mmio and device two allocators exist, the purpose to define
two allocator is:
Accessing to gpa from mmio allocator cause vm exit, while gpa from
device allocator doesn't cause vm exit.
Whether vm exits exist or not, dependency on whether
vm->add_device_memory() is called with gpa from allocator or not.Even
if gpa is from mmio alloator, and vm->add_device_memory() is called
with this gpa, accessing this gpa won't cause vm exit. So mmio allocator
and device allocator couldn't guarantee the original purpose.
This patch unify mmio allocator and device allocator into one mmio
allocator.
BUG=chromium:992270
TEST=this patch doesn't change function, so just run build_test
Change-Id: If87d5c2838eb122ef627fa45c394b1b3ccfafeb0
Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.corp-partner.google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1895233
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Const and static variables imply a static lifetime, so declaring it
isn't necessary.
Fixes clippy warnings of the form:
Statics have by default a `'static` lifetime
BUG=None
TEST=bin/clippy
Change-Id: I99e63b435b6b2fd5fbce9ef617e89ec114587ad7
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1896087
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A plugin might care to be immediately notified when a write
is made to a port, but it doesn't care to have the VM stopped
while the plugin calls back to resume the VM.
Unfortunately this means that multiple messages can be queued up in the
pipe and read() together by the plugin API. Protobuf's parsing function
doesn't report how many bytes it read, so I've resorted to having crosvm
prefix every message with a length and then have the plugin lib parse
this number. Impact on performance has not been measured.
BUG=b:143294496
TEST=Local build and run of build_test. Verified that new unit
test was executed, exercised the case where multiple msgs are
received together, and completed successfully.
Change-Id: If6ef463e7b4d2e688e649f832a764fa644bf2d36
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1896376
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change tries to improve the performance of a plugin-based VM
by adding a hint API that allows crosvm to proactively push cpu
state to the plugin when certain ports for hypercalls are accessed
by the VM.
BUG=None
TEST=build and run. See performance increase significantly.
Change-Id: I71af24ebc034095ffea42eedb9ffda0afc719cd6
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1873005
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use immediate exit when avaialable to improve performance.
BUG=None
TEST=Local build and test.
Change-Id: I5a4fb3dc310f3b2969113f6d57290099f84a0187
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1847861
Reviewed-by: Zach Reizner <zachr@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the immediate exit feature is available then we use use it to improve
performance.
BUG=None
TEST=Local build and test.
Change-Id: I368ae7a711de72955777cd434450789e9a10616c
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1847860
Reviewed-by: Zach Reizner <zachr@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When vfio device msi is enabled, use VmIrqRequest->AllocateOneMsi() to
allocate one gsi for a msi vector, and link gsi with irqfd through
vm->register_irqfd, use VmIrqRequest->AddMsiRoute() to add msi routing
info into kvm route table.
BUG=chromium:992270
TEST=none
Change-Id: I5e2d2347e5e26f0ef6e12554dae4b12934b65e82
Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.corp-partner.google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1581146
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allocate per device VmMsi msg_socket for communication between virtio
devices and main VM process, which owns the KVM fd and issues ioctl to
KVM for KVM_IRQFD and KVM_SET_GSI_ROUTING.
BUG=chromium:854765
TEST=None
Change-Id: Ie1c81534912eaab7fbf05b5edef7dca343db301c
Signed-off-by: Xiong Zhang <xiong.y.zhang@intel.corp-partner.google.com>
Signed-off-by: Zide Chen <zide.chen@intel.corp-partner.google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1828339
Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the case of 1) an IO exit & callout to plugin, then 2) a pause
request by another thread, the vcpu thread will eagerly check for a
pause request and might cause another callout to the plugin for the
pause. We haven't yet run KVM again for it to emulate the completion of
the IO. It's probably less risky to call back into KVM again and let it
finish the emulation before we callout to the plugin to make other
potential state changes to the VM. This change also reduces the
overhead of the non-pause case by not checking for a pause request on
each VM exit.
The tradeoff is that a pause request might take longer, but these are
(or should be) relatively rare so it's better to slow these down (and be
more conserative/sane about the state of the VM when pause is reported)
in favor of making the non-pause VM exits faster.
BUG=None
TEST=Local build and run of "build_test".
Change-Id: I38609eccd9a2196835f99de5ea84a586928fab30
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1863725
Reviewed-by: Zach Reizner <zachr@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There was a rename of the signal handler function for rt
signals. This renames the plugin use to be consistent with the
non-plugin case.
BUG=None.
TEST=Local compile.
Change-Id: I5bf2e19754183022dbfe31fd1fdeceb83e07c18a
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1846680
Reviewed-by: Zach Reizner <zachr@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a plugin makes a set call on vcpu registers then we
can improve performance by deferring the IPC and instead
conbining the request with the next resume call.
BUG=None
TEST=build and run.
Change-Id: I4eb54a3f6eb30c98971aa2f099e3ea5899767eed
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1825262
Reviewed-by: Zach Reizner <zachr@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The resume response was deleted in a earlier change. This change
removes the message type from the proto file and adjusts crosvm
so it can still build after this removal.
BUG=None
TEST=build and run.
Change-Id: I27d36a51b1e7eb59258d23da38199b86d7cb3659
Signed-off-by: Matt Delco <delco@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1825260
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix boxed_local, const_static_lifetime, useless_format, and
redundant_closure clippy warnings in the VFIO code.
This fixes all clippy warnings except a single instance of
let_and_return in VfioPciDevice::keep_fds(), since that code is modified
in an upcoming patch.
BUG=None
TEST=./build_test.py
TEST=bin/clippy
Change-Id: I548adbc6b92448fc0db82ed72214d73b0eabaf5c
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1822697
Reviewed-by: Xiong Zhang <xiong.y.zhang@intel.corp-partner.google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: Xiong Zhang <xiong.y.zhang@intel.corp-partner.google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
|