Mention spectrum-vm in crosvm documentation

Thanks-to: Cole Helbling <cole.e.helbling@outlook.com>
Thanks-to: Michael Raskin <7c6f434c@mail.ru>

1 files changed, 18 insertions, 5 deletions

diff --git a/developer-manual.adoc b/developer-manual.adoc
index 06f8dc1..f96202e 100644
--- a/developer-manual.adoc
+++ b/developer-manual.adoc
@@ -175,11 +175,24 @@ then not use the Nixpkgs minijail.  You would definitely want to do
 things this if you were going to be hacking on Minijail.
 ****
 
-You can then build crosvm with cargo build.  Due to hardcoded paths to
-seccomp policy files, this crosvm will probably not work with
-sandboxing enabled, so you'll have to use --disable-sandbox.  If you
-need to test sandboxing, your best bet is to try to modify the crosvm
-Nix derivation to use your modified sources.
+You can then build crosvm with cargo build.  Spectrum's Nixpkgs
+provides a utility program for running a test VM with a custom crosvm
+build.  It can be used as follows:
+
+----
+cargo build
+nix-shell -I nixpkgs=/path/to/nixpkgs-spectrum \
+    -p spectrumPackages.spectrum-vm \
+    --run 'spectrum-vm -C target/debug/crosvm -- --disable-sandbox'
+----
+
+`--disable-sandbox` is required because crosvm has hardcoded paths to
+seccomp policy files.  If you need to test sandboxing, your best bet
+is to try to modify the crosvm Nix derivation to use your modified
+sources.  There's an http://crbug.com/1052126[upstream crosvm bug] to
+compile the policy files into the crosvm binary so paths don't have to
+be hardcoded.
+
 
 === Sommelier