The fork::tests::panic_safe unit test has been hanging intermittently in
CQ runs. The root cause isn't understood yet, but the most likely
explanation seems to be that the wait_process helper is hanging.
There should be only two causes for that hang: either the cloned process
is not exiting, or the wait() call in wait_process is not returning.
The wait() should only hang if another thread has already reaped the
cloned process.
In order to help debug the issue, change the general wait() to a
waitpid() on the specific cloned process ID. This will give us more
information about what happens when the test fails - if the waitpid()
returns ECHILD instead of hanging, this will indicate that something
else is waiting on our child process and racing with our wait().
BUG=chromium:925725
TEST=cargo test --release -p sys_util panic_safe
Change-Id: Ib25d88b35b16c75d4d8fe62fc779c9470303368a
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1444317
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Logically, each VCPU is using GuestMemory, which holds a ref count to
the underlying memory mappings. This change formalizes this by giving an
actual reference of GuestMemory to each Vcpu struct.
This change is needed because the Vm can go out of scope and clean up
its reference, but the Vcpus may still be running, triggering an EFAULT
and a lot of confused days spent debugging.
TEST=With the unwind panic handler, trigger a panic right after the
final vcpu thread barrier. If the VCPU threads do not complain
about EFAULT (errno 14), this change worked.
BUG=None
Change-Id: I6289147de0adde61c81630357701487937b17ade
Reviewed-on: https://chromium-review.googlesource.com/1441355
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This device tree is derived from the Android fstab file which is
provided via command line flag.
BUG=chromium:922737
TEST=None
CQ-DEPEND=CL:1415390
CQ-DEPEND=CL:1415270
Change-Id: Idd007c844f84cab3ff37be16a718f14e5f630312
Reviewed-on: https://chromium-review.googlesource.com/1370058
Commit-Ready: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The Ac97 device provides the guest with an audio playback device. All
input devices are stubbed out. Only playback at 48kHz is supported.
The device is emulated by `Ac97Dev` which interfaces with the PCI bus.
`Ac97Dev` uses `Ac97` to drive audio functions and emulate the device
registers. Physical Ac97 devices consist of two parts, the bus master
and a mixer. These two sets of registers are emulated by the
`Ac97BusMaster` and `Ac97Mixer` structures.
`Ac97BusMaster` handles audio samples and uses `Ac97Mixer` to determine
the configuration of the audio backend.
BUG=chromium:781398
TEST=crosvm run --disable-sandbox --null-audio --rwdisk gentoo.ext4 -c2
-m2048 -p 'root=/dev/vda snd_intel8x0.inside_vm=1
snd_intel8x0.ac97_clock=48000' vmlinux.bin
and play audio with aplay -d2 -Dhw:0,0 -f dat /dev/urandom
CQ-DEPEND=CL:1402264
CQ-DEPEND=CL:1421588
CQ-DEPEND=CL:1433794
CQ-DEPEND=CL:1432835
Change-Id: I9985ffad753bccc1bf468ebbdacec0876560a5e0
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1366544
Commit-Ready: Chih-Yang Hsia <paulhsia@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: Chih-Yang Hsia <paulhsia@chromium.org>
After trying symlinks and bind-mounts and various other shenanigans,
give up and move the crosvm working directory to a relative path that is
the same as in the chrome OS chroot.
This allows other crates in the cros checkout to find the crosvm crates
they depend on.
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Change-Id: I643497f08c59328e02775ad3ac0ef9feafbf2930
Reviewed-on: https://chromium-review.googlesource.com/1436595
Commit-Ready: Chih-Yang Hsia <paulhsia@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Each device (Bus, Pci, Proxy, etc), gets a debug label associated with
it. When a child is spawned, the debug label for it is stored in
a map with the child's pid as the key. If a SIGCHLD is handled, this map
is used to print a more helpful message about exactly which child died.
BUG=None
TEST=run with sandboxing and a faulty child device
check logs for message about child died
the child should have a debug label
Change-Id: I61fbbee0a8e701249533a7a3a6a1ad48840f12e5
Reviewed-on: https://chromium-review.googlesource.com/1432835
Commit-Ready: Chih-Yang Hsia <paulhsia@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Some crates that are needed for crosvm need crates that live inside the
crosvm directory. To allow those crates to be used, add a symlink that
allows access to the crosvm source code from a path equivalent to that
used inside the Chrome OS chroot.
In particular, the cras crate is needed by devices and devices needs the
data_model and sys_util crates. Creating a platform/crosvm directory
parallel to the third_party/adhd directory lets the build of the cras
crates find their dependencies.
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Change-Id: I2a1e28638e80c8008b1ecc29c2b0b69cba1c13e2
Reviewed-on: https://chromium-review.googlesource.com/1433518
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chih-Yang Hsia <paulhsia@chromium.org>
This CL adds a "tpm" Cargo cfg to crosvm which enables a TPM device
backed by libtpm2 simulator.
Tested by running the following inside cros_sdk:
LIBRARY_PATH=~/src/minijail LD_LIBRARY_PATH=~/src/minijail \
cargo run --release \
--features tpm \
-- \
run \
-r rootfs.ext4 \
--seccomp-policy-dir seccomp/x86_64/ \
-p init=/bin/bash \
-p panic=-1 \
--disable-sandbox \
vmlinux.bin
with a Linux image built from CL:1387655.
The TPM self test completes successfully with the following output:
https://paste.googleplex.com/5996075978588160?raw
Justin's TPM playground runs with the following trace output.
https://paste.googleplex.com/4909751007707136?raw
Design doc: go/vtpm-for-glinux
TEST=ran TPM playground program inside crosvm
TEST=local kokoro
BUG=chromium:911799
Change-Id: I2feb24a3e38cba91f62c6d2cd1f378de4dd03ecf
Reviewed-on: https://chromium-review.googlesource.com/1387624
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Under the old command, the build would fail with:
Step 15/25 : COPY pkgconfig/* /usr/lib/pkgconfig
COPY failed: no source files were specified
The Docker documentation at
https://docs.docker.com/v18.03/engine/reference/builder/
explains:
Note: If you build using STDIN (docker build - < somefile), there is
no build context, so COPY cant be used.
TEST=it built successfully
Change-Id: I4d9fcb085009f4a47d7caecabf6eb711f5cab6b7
Reviewed-on: https://chromium-review.googlesource.com/1431356
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Together, these allow tests to create a FakeTimerFd that they can
trigger at a particular point in the test code, without having to rely
on sleep()s or other racy methods.
BUG=None
TEST=Unit tests for FakeTimerFd + dependent CL.
Change-Id: I14381272a6d75bebcdedb0a329a017a2131a3482
Reviewed-on: https://chromium-review.googlesource.com/1413830
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Miriam Zimmerman <mutexlox@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Not all tests can run on arches other than x86, annotate them
accordingly.
BUG=None
TEST=cargo test -p kvm
Change-Id: I38c90f1431b7fbd9059f5c309dc28264bbbcdb99
Signed-off-by: Dmitry Torokhov <dtor@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1419206
Tested-by: kokoro <noreply+kokoro@google.com>
Update the readme to indicate that crosvm starts in multiprocess mode by
default.
Also fix a few typos I spotted while skimming the rest of the document.
BUG=None
TEST=None
Change-Id: Ia3992ec7cbf27be984269f5399d48e7fd5c6fc8f
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1428339
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
`libc::c_char` is `u8` instead of `i8` in arm, the test should use
`libc::c_char` directly.
Test unit tests with different architectures.
BUG=chromium:907520
TEST=$ FEATURES=test emerge-{kevin,eve} sys_util
Change-Id: Ie70da89470487d95675cb06b761e9ae9057bc38f
Reviewed-on: https://chromium-review.googlesource.com/1430400
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
On KVM implementations that use a paravirtualized clock (e.g. x86), a flag
must be set to indicate to the guest kernel that a VCPU was suspended. The
guest kernel will use this flag to prevent the soft lockup detection from
triggering when this VCPU resumes, which could happen days later in real time.
BUG=chromium:920875
TEST=inside VM `sha256sum /dev/urandom`, `crosvm suspend`, wait 30
seconds, `crosvm resume`
Change-Id: Id479ec0c26c17499ce0d638185a79e7b19ccc69c
Reviewed-on: https://chromium-review.googlesource.com/1417190
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This ioctl will be used to resolve an issue where the jump forward in
kvmclock on suspended VCPUs upon resume triggers the soft lockup
detection. Using this ioctl prevents this detection from triggering,
preventing a kernel panic on resume.
TEST=cargo test -p kvm
BUG=chromium:920875
Change-Id: Id1402a9d67d790e5e7e8655f2e5916210cc6e7cc
Reviewed-on: https://chromium-review.googlesource.com/1415849
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This change adds the suspend and resume commands to crosvm, as well as
corresponding VmRequest variants and VCPU loop support. When a request
triggers a VmRunMode change, the Mutex guarded shared VmRunMode variable
is mutated and the associated Condvar is notified. Each VCPU thread is
interrupted to kick it out of the KVM_RUN call and checks the VmRunMode,
If the VCPU was already suspended by waiting for the Condvar, the
notify_all call will wake up the thread, upon which the VCPU thread can
respond to the new mode.
TEST=crosvm suspend/crosvm resume
BUG=chromium:920875
Change-Id: Ibbeb748ab0d64402c7196890815e8e1cb4dfca38
Reviewed-on: https://chromium-review.googlesource.com/1416317
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The Condvar wrapper exposed by this change is analogous to the Mutex
wrapper in this crate. Instead of a Result being returned in the case of
a poisoned Mutex, a panic is triggered.
TEST=cargo build
BUG=chromium:920875
Change-Id: Id8bd6bc2891bfc5c8ce334fbdb482ef40500f2d7
Reviewed-on: https://chromium-review.googlesource.com/1416316
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
A future change will allow crosvm to play audio through cras. To do that
it needs to use some crates that live in the adhd repository. Add the
repository to the kokoro image at a path where Cargo can find the
crates.
Change-Id: I1542090ba0db6fd0f3ac60dcc2e7bb35502a4944
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1429311
Commit-Ready: Chih-Yang Hsia <paulhsia@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chih-Yang Hsia <paulhsia@chromium.org>
To support eclass migration for crosvm ebuild from crate to cros-rust.
This CL need to be built with cros-rust version crosvm ebuild.
- Upgrage crate cc from 1.0.15 to 1.0.25.
- Change local tempdir version from 0.3.5 to 0.3.7 for ebuild
integration.
- Remove 9s directory since it's moved to platform2.
BUG=chromium:781398
BUG=chromium:907520
TEST=Run $ FEATURES=test emerge-eve crosvm
in a clean chroot
CQ-DEPEND=CL:1421303
Change-Id: Iab615b555a51f8020e5efae1cc40ac6b54ea87f2
Reviewed-on: https://chromium-review.googlesource.com/1421237
Commit-Ready: Chih-Yang Hsia <paulhsia@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
PollContext is not thread safe while the underlying epoll is thread
safe. This is because PollContext owns EpollEvents, to offer an easy to
use interface. User of this package might want a thread safe version of Epoll.
This CL decouples events from epoll fd, thus providing thread safe epoll.
BUG=None
TEST=cargo build and run
Change-Id: I786b1d186664fdb4a95ce4d3062b044d27b74d40
Reviewed-on: https://chromium-review.googlesource.com/1320429
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
CL:1385972 breaks building these crates because they are not in the
workspace of the top level Cargo.toml so the patch.crates-io setting of
the top level Cargo.toml does not take effect. They end up looking for
their dependencies on crates.io rather than in the parent directory.
Being able to build just data_model and sys_util on their own is useful
when iterating on a change in one of them and needing to run `cargo
test` (as I tried to do today). The errors without this CL are like
this:
error: no matching package named `assertions` found
location searched: registry `https://github.com/rust-lang/crates.io-index`
required by package `data_model v0.1.0 (/path/to/crosvm/data_model)`
BUG=chromium:916921
TEST=cargo check in data_model and sys_util
TEST=cargo test as well
TEST=emerge-amd64-generic crosvm
TEST=FEATURES=test emerge-amd64-generic data_model, sys_util
CQ-DEPEND=CL:1409854
Change-Id: I7bd34f38507c1cea72380f515ce2dd0835aec4fa
Reviewed-on: https://chromium-review.googlesource.com/1403887
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chih-Yang Hsia <paulhsia@chromium.org>
Factor out the common parts of kernel loading code from x86_64 and
aarch64. This will be used to load initrds as well.
BUG=None
TEST=Boot termina on kevin
Change-Id: I0f61fdaf1067311d25393e8d64340f570f5a6ed7
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1407220
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Required for CL:1387624 which uses libtpm2 as a TPM simulator.
BUG=chromium:911799
TEST=build kokoro image, test master as well as TPM CL in it
Change-Id: I636be593a245ecd7ac10bc71319dee48e6511e97
Reviewed-on: https://chromium-review.googlesource.com/1419397
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
the few uses of rand::thread_rng() have been replaced with either
prngs or reads from /dev/urandom. the implementations are under
the `rand_ish` minicrate.
`protoc-rust` depends on `tempdir`, which relies on rand, so
`tempdir` has been patched with a rewritten version that does not
have rand as a dependency.
BUG=chromium:921795
TEST=cargo test --features plugin
Change-Id: I6f1c7d7a1aeef4dd55ac71e58294d16c291b8871
Reviewed-on: https://chromium-review.googlesource.com/1409705
Commit-Ready: Daniel Prilik <prilik@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
The program header p_type field is an enumerated value, not a bitfield.
BUG=None
TEST=Boot a kernel
Change-Id: I5327cc8de9d8401a74c86fd4f3deab9f390c0924
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1412835
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This allows manual resizing of block devices at runtime via the command
line ('crosvm disk resize <index> <size>'). The virtio config interrupt
is asserted when the disk size changes so that the guest driver can
update the block device to the updated size.
Currently, there is no automatic policy for resizing disks - that will
be implemented in another change. Additionally, this resize operation
just changes the size of the block device; the filesystem will need to
be resized by the guest (e.g. via the 'btrfs filesystem resize' command)
as a separate step either before (shrinking) or after (expanding) the
disk resize operation.
BUG=chromium:858815
TEST=Start crosvm with a control socket (-s) and resize the disk with
'crosvm disk resize' from another shell.
Change-Id: I01633a7af04bfbaffbd27b9227274406d2a2b9cb
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1394152
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
This CL adds a TPM simulator based on tpm2-sys, similar to the one in
trunks:
e4cf13c057/trunks/tpm_simulator_handle.cc
Intended usage:
let mut simulator = tpm2::Simulator::singleton_in_current_directory();
let command = &[ /* ... */ ];
let response = simulator.execute_command(command);
println!("{:?}", response);
TEST=cargo test
TEST=emerge-amd64-generic crosvm
BUG=chromium:911799
Change-Id: I142db1b7961f64f1765417533b8379b2601e20e0
Reviewed-on: https://chromium-review.googlesource.com/1396281
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This CL adds a tpm2-sys crate that builds libtpm2 from source (from a
git submodule) using the existing Makefile and then links the generated
static library as -ltpm2.
For production builds there is a flag `RUSTFLAGS='--cfg hermetic'` to
disallow building our own libtpm2. Instead it will expect to find
libtpm2 installed in the standard system location. Building from the
libtpm2 submodule is a convenience only intended for developer
environments.
The functions exposed by tpm2-sys are the ones that will be necessary to
initialize a TPM simulator in crosvm and execute TPM commands. Trunks
uses the same functions for its simulator mode here:
e4cf13c057/trunks/tpm_simulator_handle.cc
Tested by running:
fn main() {
unsafe {
tpm2_sys::TPM_Manufacture(1);
}
}
inside cros_sdk. Libtpm2 cannot be built outside of cros_sdk because it
requires openssl 1.0.2p, whereas dev machines come with openssl 1.1.0j.
I have not yet added any dependency on tpm2-sys from crosvm, but when it
does get added it will be behind a tpm feature flag so that crosvm can
continue to build outside of cros_sdk just without tpm support.
I published num_cpus version 1.9.0 to chromeos-localmirror.
TEST=running the code snippet above as described
BUG=chromium:911799
Change-Id: I097729bc447f9dc95e39959a426d1ac42f46b16d
Reviewed-on: https://chromium-review.googlesource.com/1396280
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Add GuestMemory::write_all_at_addr, GuestMemory::read_exact_at_addr
which return error if the entire write or read cannot be completed.
Also rename write_slice_at_addr to write_at_addr, read_slice_at_addr to
read_at_addr to make the entire set of four methods consistent in naming
with the methods of std::io::Write and std::io::Read.
Context:
https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1387624/16/devices/src/virtio/tpm.rs#75
TEST=cargo test
Change-Id: Ia0775b75281ccf8030c84b41f9018a511204b8c9
Reviewed-on: https://chromium-review.googlesource.com/1407156
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
std::os::net only supprts UnixDatagram and UnixStream, so we need this to
support the connection to socket opened with SOCK_SEQPACKET flag.
It only supports public API connect, write, try_clone, and read now.
BUG=chromium:907520
TEST=Use
$ FEATURES=test emerge-eve sys_util
to run unit tests.
Change-Id: I61a9acd4fa2e601e93b1f76dc1758cb61a433205
Reviewed-on: https://chromium-review.googlesource.com/1390077
Commit-Ready: Chih-Yang Hsia <paulhsia@chromium.org>
Tested-by: Chih-Yang Hsia <paulhsia@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Fixes a compiler warning when building with plugin enabled.
BUG=None
TEST='cargo build --features=plugin'
Change-Id: Icbd731b249089d271caca17e192b7a539ba7219c
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1401124
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
The crosvm run --plugin option was behind #[cfg(feature = "plugin")],
but the recently-added --plugin-root and --plugin-mount were not. Add
feature checks around those options as well so that they are only
enabled when the plugin feature is enabled (and so they don't show up in
crosvm run -h for a non-plugin build).
Also allow dead code in struct BindMount, since this is only used for
plugin-enabled builds.
We could wrap all of the plugin-related command line parsing code with
feature checks instead, but that adds a lot of clutter and makes the
code harder to read.
BUG=None
TEST='cargo build' and 'cargo build --features=plugin'
Change-Id: Ieb240cfc55b8cad64748fe39c7de5faa58f1a26c
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1401123
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
The plugin process may need access to writable directories where it can
store its state. Add a plugin-mount option to specify paths that should
be mounted into the plugin's jail.
BUG=b:80150167
TEST=run plugin_adder and plugin_net_config
Change-Id: I2c87d19ab67edaaf99a2cfea6872d3531101d260
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1341106
Add support for having the tap fd be passed in on the command line the
same way we do for linux.
BUG=b:80150167
TEST=run plugin_net_config (after changing the expected ip/netmask/mac
address appropriately)
Change-Id: Ic81b167b7bb2caa71ce5931921b87d9eeca69af9
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1341105
We use the tap device interface name in some ioctls. When we are
creating a Tap struct from a raw fd make sure that we also grab the
interface name so that these ioctls don't fail later.
BUG=b:80150167
TEST=run the plugin_net_config test
Change-Id: Ic308ebd55d0545c1b445fc6abdf017fdc7ab594b
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1341104
When minijail is given a uid/gid map but is not given a uid/gid to
change to, it will default to setting the uid/gid inside the new user
namespace to root. This works fine if crosvm is launched as root but
fails miserably otherwise since we only map the current euid/egid into
the user namespace (and so 0 is not a valid uid/gid).
We would normally want to fix this by having minijail change its uid/gid
to the current euid/egid. However, because of the way minijail is set
up it only attempts to enter a new net namespace after exec-ing the
program to be jailed. Entering a new net namespace requires
CAP_SYS_ADMIN in the current namespace and this capability gets dropped
the moment we switch to a non-root user.
So to deal with this we map root inside the namespace to the crosvm user
outside the namespace. This allows us to enter a new net namespace and
we already tell minijail to drop all caps so the plugin will not have
any caps when it actually runs.
BUG=b:80150167
TEST=run plugin_adder
Change-Id: I10c9e6bef859fd787dd6e17d5cf2ff3e552501fb
Signed-off-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1341103
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>