From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-1.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.6 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id 514F080B12; Thu, 29 Sep 2022 08:53:44 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 496) id DBADF80A7F; Thu, 29 Sep 2022 08:53:41 +0000 (UTC) Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com [IPv6:2a00:1450:4864:20::535]) by atuin.qyliss.net (Postfix) with ESMTPS id 06DB680AB0 for ; Thu, 29 Sep 2022 08:53:39 +0000 (UTC) Received: by mail-ed1-x535.google.com with SMTP id e18so1043843edj.3 for ; Thu, 29 Sep 2022 01:53:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=unikie.com; s=google; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date; bh=wkoFtVQmrYTv+3+25k7uwxNtIobrss+u0GsHLDJFH38=; b=VAPBXY71ZCBf3vLCulQYSNZTm373lZSRnSfd4ku/g0yoDYbr1FYl6vowvjTj2FtbxJ 2d1pTxf812IczQHXJvoiFknVAOb3+nRKzGAAler+bhhm0aMD3yrv3QQStR95Y6E4ZFCN nk+VQ8tdge6RXs8nqJDxq4WcmiWH5NUuBilzQg0HbDYMA9/aN2AIfKwnRgRPV1Bunkrx k6G3f7Jp/jwho0YqF0mg/wAP4u/tO9li4yqxV9LO84daxaDIumWS353YamJvmTdH+rPw iOTakfsCBUHDVBN92zOp4YnHj4Rn8aLSdqUKQFc86UZqH+nKNygpAEbPi0HZZBOEYyuY 63Xw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date; bh=wkoFtVQmrYTv+3+25k7uwxNtIobrss+u0GsHLDJFH38=; b=6P3yL7FVLoKqZJPNZaYQmOuHMkyesqwrA8nOcox06bYIerrKpTlCeNEzSEowhZ3w6L LcDJfgW1+jzCR2RixPi1zrmPkVN21AjLL5Fjc+eH3Ni+I4hfPA0MABby2VV9o8OeOAeC gwpUybX0s5tYCO7IFssOwbs++6LEjsW+KtYCe75pJe3xqKkhPo+PPHE7mqayIy+lFa7k SSyPwrFlsxOAnoiXimR3SzRqfkK0rGdwej1sPfknU/TCDGUyA0ELrOOQIHQRH7EypOGh vdsJd7gs7U04CrBMVPiQo28tVouxg8rTNOu1mN3t+A13IM91982BJ8plh1NVQMfVzl5A HIVw== X-Gm-Message-State: ACrzQf3qu55VoEOTTO42iyBPMpkKfk2mRr9a0ibgmmUH5RZWA6T8EZQX k6VLczSljNcJUSML0ZjKpHTivXt4ASr8q74P X-Google-Smtp-Source: AMsMyM5+rcqiZooPO5c/hUIVUkHcTBVNDGy+t97TuCrTZZFBA8BQrwJZJmVUQAcv56yv3qOY1+Lmig== X-Received: by 2002:aa7:da99:0:b0:457:fa48:3711 with SMTP id q25-20020aa7da99000000b00457fa483711mr2198868eds.46.1664441619458; Thu, 29 Sep 2022 01:53:39 -0700 (PDT) Received: from x220.qyliss.net (p4feb786f.dip0.t-ipconnect.de. [79.235.120.111]) by smtp.gmail.com with ESMTPSA id 9-20020a170906300900b00731582babcasm3688907ejz.71.2022.09.29.01.53.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 29 Sep 2022 01:53:38 -0700 (PDT) Received: by x220.qyliss.net (Postfix, from userid 1000) id 4366E52B; Thu, 29 Sep 2022 08:53:38 +0000 (UTC) Date: Thu, 29 Sep 2022 08:53:38 +0000 From: Alyssa Ross To: devel@spectrum-os.org Subject: Re: [RFC PATCH nixpkgs 7/9] cloud-hypervisor: add virtio-gpu support Message-ID: <20220929085338.lazjtztmryniskz2@x220.qyliss.net> References: <20220928170128.1583791-1-alyssa.ross@unikie.com> <20220928170128.1583791-8-alyssa.ross@unikie.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="oxmtneuyrcg6ik66" Content-Disposition: inline In-Reply-To: <20220928170128.1583791-8-alyssa.ross@unikie.com> Message-ID-Hash: MGM3V7BUOY3UMGOC43SCXHEESJLZ4UZK X-Message-ID-Hash: MGM3V7BUOY3UMGOC43SCXHEESJLZ4UZK X-MailFrom: alyssa.ross@unikie.com X-Mailman-Rule-Hits: header-match-devel.spectrum-os.org-0 X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1 CC: Ville Ilvonen X-Mailman-Version: 3.3.5 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --oxmtneuyrcg6ik66 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Sep 28, 2022 at 05:01:26PM +0000, Alyssa Ross wrote: > The virtio-bindings changes update the bindings for recent kernels, > and the vhost change is cherry-picked from crosvm's fork of the crate > to add support for their custom extensions. > > Signed-off-by: Alyssa Ross Known issue: cloud-hypervisor with a GPU device doesn't work if the seccomp sandbox is enabled. Workaround is --seccomp log, or the following additional diff, which I'll include in the next version of this series when I submit it: diff --git c/virtio-devices/src/seccomp_filters.rs w/virtio-devices/src/sec= comp_filters.rs index 45a27750..a1ec89d8 100644 --- c/virtio-devices/src/seccomp_filters.rs +++ w/virtio-devices/src/seccomp_filters.rs @@ -170,7 +170,11 @@ fn virtio_vhost_fs_thread_rules() -> Vec<(i64, Vec)> { } =20 fn virtio_vhost_gpu_thread_rules() -> Vec<(i64, Vec)> { - vec![(libc::SYS_getcwd, vec![])] + vec![ + (libc::SYS_getcwd, vec![]), + (libc::SYS_recvmsg, vec![]), + (libc::SYS_sendmsg, vec![]), + ] } =20 fn virtio_vhost_net_ctl_thread_rules() -> Vec<(i64, Vec)> { --oxmtneuyrcg6ik66 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEH9wgcxqlHM/ARR3h+dvtSFmyccAFAmM1XREACgkQ+dvtSFmy ccDsyA/9GR8ak5RuDjgOl/Dzn1A8QJaleJVmmevZk1R+rHcVf6Q1em9OJ9dDxbAz AjXMSpZhyIcmTNhcIRlg9DwM//5ifIVltTfTHreD3EOAbQoXjTZciTTEJP2FG5iZ m6pYoUGZKYXbrZltDhUU+R5faz1y7rpqyn5kSz+or9/NG8OFtkN3pel7I+/61+nk 3Kzh+lIIIT4+l3CmlXBEPJWRIsHQwdfVMnTjZiEk2myF4Gb4lzth9GF2GmfFZhQN 8s/EEv+0UblSw60s6awrAnPeqqPF2wAIsFLz4M+2jmaTNnFEHhhYU48tBIFhrsKj ym8/CtbnvaA339Hb3UQBKK6NtvWm4XNkkomruyHLjd3bfy6Uhvbw27EHQMPe3G8J ZrXaRUbu0sGjPzlceCQaiBQCZO2tVNzLTHZyo6OdnhNmfVcQ+wXi6XLrDMoF0Zij eHW/FBEOLh+jvA9H2kTIRSJTIX4H37/DoGSKEyC1b8RnrOrPEn/Qv6FG2wbK07BX vpD8Sr4+GpcjfFHaj5X42JNVsDx/VwYqcL8y7kNTskh9XGAIyTHBCVOcob9QDO/0 hgC+uQEx0uc2E/NHPr0Dnskm8ZZDFspNOMBpJsfcr11a9OA5StGSGjzuZke5t4Kn D1p/J3Ft8x7oPJIu+PU8YI1Cl1bjzMnjXc/hzxE5xnD8G1sGR3Q= =o7dM -----END PGP SIGNATURE----- --oxmtneuyrcg6ik66--