diff options
author | Alyssa Ross <hi@alyssa.is> | 2020-05-11 19:15:54 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2020-05-11 19:15:54 +0000 |
commit | 20a65f5be6e0ebc99b33cb5152aa517ee883be28 (patch) | |
tree | f95a5c3a3eeee61fa9d7468df331277d8e3c5a5c | |
parent | a9e30e88292dbe19b4e3bce84b07fd028636bf70 (diff) | |
download | doc-20a65f5be6e0ebc99b33cb5152aa517ee883be28.tar doc-20a65f5be6e0ebc99b33cb5152aa517ee883be28.tar.gz doc-20a65f5be6e0ebc99b33cb5152aa517ee883be28.tar.bz2 doc-20a65f5be6e0ebc99b33cb5152aa517ee883be28.tar.lz doc-20a65f5be6e0ebc99b33cb5152aa517ee883be28.tar.xz doc-20a65f5be6e0ebc99b33cb5152aa517ee883be28.tar.zst doc-20a65f5be6e0ebc99b33cb5152aa517ee883be28.zip |
Mention spectrum-vm in crosvm documentation
Thanks-to: Cole Helbling <cole.e.helbling@outlook.com> Thanks-to: Michael Raskin <7c6f434c@mail.ru>
-rw-r--r-- | developer-manual.adoc | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/developer-manual.adoc b/developer-manual.adoc index 06f8dc1..f96202e 100644 --- a/developer-manual.adoc +++ b/developer-manual.adoc @@ -175,11 +175,24 @@ then not use the Nixpkgs minijail. You would definitely want to do things this if you were going to be hacking on Minijail. **** -You can then build crosvm with cargo build. Due to hardcoded paths to -seccomp policy files, this crosvm will probably not work with -sandboxing enabled, so you'll have to use --disable-sandbox. If you -need to test sandboxing, your best bet is to try to modify the crosvm -Nix derivation to use your modified sources. +You can then build crosvm with cargo build. Spectrum's Nixpkgs +provides a utility program for running a test VM with a custom crosvm +build. It can be used as follows: + +---- +cargo build +nix-shell -I nixpkgs=/path/to/nixpkgs-spectrum \ + -p spectrumPackages.spectrum-vm \ + --run 'spectrum-vm -C target/debug/crosvm -- --disable-sandbox' +---- + +`--disable-sandbox` is required because crosvm has hardcoded paths to +seccomp policy files. If you need to test sandboxing, your best bet +is to try to modify the crosvm Nix derivation to use your modified +sources. There's an http://crbug.com/1052126[upstream crosvm bug] to +compile the policy files into the crosvm binary so paths don't have to +be hardcoded. + === Sommelier |