A proposed set of kernel patches makes it possible to map anonymous
MAP_SHARED mappings into the IPA space of a virtual machine with MTE
enabled. With these patches we can use most features of crosvm with the
exception of pmem which relies on being able to make file mappings in the
IPA space. Therefore, we make MTE an opt-in feature via the --mte command
line argument and forbid specifying --mte together with --pmem-device
or --rw-pmem-device.
Bug: b:234779841
Change-Id: I70bf2d0a8c1aff7c5956d6009ca5169a623bc6b2
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3892141
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Auto-Submit: Peter Collingbourne <pcc@chromium.org>
Commit-Queue: Peter Collingbourne <pcc@chromium.org>
On glinux people may have set up the google internal mdformat
tool, which is different from the open source mdformat tool.
BUG=b:236962138
TEST=./tools/health-check --all markdown_format
with PATH updated to use both versions
Change-Id: Ia6b783c52195f2edd33eb836333b28f257be8a32
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3894236
Reviewed-by: Zihan Chen <zihanchen@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Add a call to the install_memfd_handler() function so that panics
produce a specially named memfd to store the panic information for
retrieval by the crash reporter.
A new panic-memfd feature (enabled by default with --features=chromeos)
is added to control this functionality.
BUG=b:234093439
TEST=emerge-hatch crosvm
Change-Id: Ibc92b3970609d097371b0019d6f1c8d00a3e5f15
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3892142
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Paramjit Oberoi <psoberoi@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
This search/replace updates all copyright notices to drop the
"All rights reserved", use "ChromiumOS" instead of "Chromium OS"
and drop the trailing dots.
This fulfills the request from legal and unifies our notices.
./tools/health-check has been updated to only accept this style.
BUG=b:246579983
TEST=./tools/health-check
Change-Id: I87a80701dc651f1baf4820e5cc42469d7c5f5bf7
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3894243
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
generated files and a list of excluded files are skipped.
Others are fixed to include the missing header.
BUG=b:246579983
TEST=./tools/health-check --all copyright_header
Change-Id: I13e9bf79df18789f1ed4b83fc47c0c2e080d70a8
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3894240
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
We are going to need to start passing a new arch-dependent configuration
parameter to KvmVm::new in addition to protection_type. Since we can't
[cfg] a function argument, and to avoid churning the tests the next time
we need another argument, let's create a hypervisor::Config struct and
start passing protection_type that way.
Bug: b:234779841
Change-Id: I42ce9438b064658ebb9732e78ee5c82dac2636b6
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3892140
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Peter Collingbourne <pcc@chromium.org>
This makes it easier to diagnose what is going wrong with the --vfio
option, as it will now print the actual path (e.g. "/dev/vfio/38")
rather than just "/dev/vfio/$group_num".
BUG=None
TEST=crosvm run --vfio /some/sysfs/pci/path
Change-Id: I18c196151d807827bcba348b9453fd2ef7c1a9b9
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3892131
Commit-Queue: David Stevens <stevensd@chromium.org>
Auto-Submit: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: David Stevens <stevensd@chromium.org>
They were causing some weird formatting in Kakoune's Rust syntax
highlighter.
Change-Id: I9281cfa75391eb991f479d2370f09db942a1fb64
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3892139
Auto-Submit: Peter Collingbourne <pcc@chromium.org>
Commit-Queue: Peter Collingbourne <pcc@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Brings up the master request handler on Windows. To stay within the
existing protocol, PackedTube was introduced, which is able to transmit
a Tube via a RawDescriptor.
BUG=b:221882601
TEST=presubmit & cargo test & tested downstream
Change-Id: Ibd4c2f55c42738392beed5b15b8d445e47890627
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3856828
Reviewed-by: David Stevens <stevensd@chromium.org>
Commit-Queue: Idan Raiter <idanr@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Add the minimal cfg checks to let the Windows target build without
--features=balloon enabled. This doesn't fully guard all uses of balloon
related types, just enough to make it compile, since it's intertwined
with other features (e.g. "kiwi").
BUG=None
TEST=cargo build --no-default-features
Change-Id: I013d84d07edb39d318bcd1be718a914e2282ea25
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3885497
Reviewed-by: Noah Gold <nkgold@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Add a top-level stats feature that selects devices/stats and guard the
uses of stats-related types with a cfg check. Fixes the Windows build
when the stats feature is not enabled. No change in behavior when
building with the win64 feature, as that selected the stats feature
already.
BUG=None
TEST=cargo build --no-default-features
Change-Id: I468f6c34509753d640ea002199da74e1729d25f7
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3885496
Reviewed-by: Noah Gold <nkgold@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Re-add a serde default function for JailConfig::seccomp_policy_dir and
use it in the Default impl as well.
Fixes tests when --features=chromeos is enabled.
BUG=b:235858187
TEST=FEATURES=test emerge-hatch crosvm
Change-Id: Iec9152781f098aab05336e794d6eaf3c1105d53b
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3887347
Commit-Queue: Zihan Chen <zihanchen@google.com>
Reviewed-by: Zihan Chen <zihanchen@google.com>
Auto-Submit: Daniel Verkamp <dverkamp@chromium.org>
This patch modifies the way we program the watchdog internal counter to
prevent spurious resets when the guest is not scheduled to run.
The internal counter consists of a per-cpu POSIX timer and an associated
countdown register and is used to detect whether we missed periodic
heart-beat events from the guest. Add tests to verify the watchdog
expiration condition.
In this change we re-program the one-shot timer after we detected that
there are no events sent from the guest and the guest didn't run.
We detect that the guest is not running by looking
at the reported time from /proc/stat entry (guest_time).
We can enter in this state if the
guest is not scheduled to run, or is busy waiting for some MMIO
operation to finish. To detect a stall, we look for the value of the
guest_time field and if it changed between subsequent expiration events
then the guest is running, but it is not serving our watchdog.
Bug: 213422094
Change-Id: I0999f6ead350ac30a6ef6f600e57ec1805b40746
Signed-off-by: Sebastian Ene <sebastianene@google.com>
Reported-by: Will Deacon <willdeacon@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3872276
Reviewed-by: Will Deacon <willdeacon@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Handle EINTR returned from io_uring_enter. This fixes an issue where
trying to strace an io_uring enabled device would cause the device to
exit.
BUG=None
TEST=attach strace to io_uring enabled crosvm
Change-Id: I2e808a51c3274b98f1caa18dbedd3164f2bd6aef
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3881686
Commit-Queue: David Stevens <stevensd@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Takaya Saeki <takayas@chromium.org>
The haxm vcpu code abused MemoryMapping to hold what is effectively a
raw pointer, not something created by mmap()/MapViewOfFile().
Additionally, the MemoryMapping was converted into a pointer and then
into a Rust &ref, which is inappropriate for memory that can be aliased
by the hypervisor.
Use raw pointers instead of unsoundly casting into a reference and add
unsafe blocks as appropriate.
Change-Id: I218093d512419beb1d9f23df9a45c7413c0f83c0
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3827178
Reviewed-by: Vaibhav Nagarnaik <vnagarnaik@google.com>
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
This is a reland of commit 4811773029
The landed commit was an old revision pushed by mistake. It was not the
latest reviewed revision and did not compile.
This reland replaces it with the intended revision.
Original change's description:
> virtio: video: encoder: Handle SET_PARAMS_EXT's resource_type.
>
> Previously we kept using the initial value and while this was fine for
> ARC because VirtioObject was the initial value negotiated by the kernel
> and ARC only used VirtioObject anyway, but this broke when using FFmpeg
> which would use the mmap buffers of V4L2.
>
> Handle the type switch like we did in the decoder.
>
> BUG=None
> TEST=arc.VideoDecodeAccel*_vm,arc.VideoEncodeAccel*_vm on hatch
>
> Change-Id: I6f1c2d1bdaf18efb559528dfadb10baf32dbb757
> Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3840991
> Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
> Tested-by: Tatsuyuki Ishi <ishitatsuyuki@google.com>
> Commit-Queue: Tatsuyuki Ishi <ishitatsuyuki@google.com>
Bug: None
Change-Id: Ica1bcad2ffffa66d8561010e8355f2989e961fa5
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3881683
Tested-by: Tatsuyuki Ishi <ishitatsuyuki@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Auto-Submit: Tatsuyuki Ishi <ishitatsuyuki@google.com>
Seccomp policy files will now be pre-compiled to bpf bytecode for the
target architecture and embedded in the crosvm binary when not
built for chrome os.
When minijail is not checked out in crosvm tree as a submodule,
MINIJAIL_DIR environment variable needs to be specified for the
policy compiler to run.
Integration tests are now sandbox enabled for better coverage.
TEST=all tests passed, vm runs fine with sandbox on and no separate
policy files present. cros deploy & crostini still works.
BUG=b:235858187
FIXED=b:226975168
Change-Id: Ieaba4b3d7160ccb342a297ebc374894d19a8dc4d
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3824062
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Zihan Chen <zihanchen@google.com>
Commit-Queue: Zihan Chen <zihanchen@google.com>
You can now use:
./tools/test_target --build-target=mingw64 set host && source .envrc
to set up the local environment to build/test via wine64.
BUG=b:241495641
TEST=see above
Change-Id: I498d4fda4cb84c2b8326e91f10b42cf33d8c8c41
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3885375
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Tested-by: Dennis Kempin <denniskempin@google.com>
Otherwise we won't be able to find the corresponding gerrit change
if the commit has been amended.
BUG=b:239840337
TEST=./tools/cl status
Change-Id: I5a9673414145a0dcc0547c1de6422992478a3094
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3885076
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Fix stderr output and force single threaded execution to preserve
proper output.
BUG=None
TEST=./tools/health-check -vv --all
Change-Id: I3095e1fcd4cb6abb1852d3fcc3170d5f60141dd5
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3884296
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Auto-Submit: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Dennis Kempin <denniskempin@google.com>
We have to manually specify color flags when calling processes. Added a
few utility functions to specify those.
BUG=b:243079837
TEST=./tools/health-check --color=always -v
./tools/health-check --color=never -v
Change-Id: I9095a888bbff264d15d3dbba41a2800155aa770f
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3880829
Tested-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
In preparation for further changes this CL clarifies the
Command API a little:
- Clear distinction between foreground and hidden usage.
- Clarified --verbose and --very-verbose flags.
- Clarified builder API by adding with_ prefix.
- Clarified behavior of quiet
- More detailed --very-verbose prints
BUG=b:243079837
TEST=./tools/health-check --all
Change-Id: Ib3d1671a018010c50ee6fae9cd7e9cef0ac8b515
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3880964
Tested-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Remove the deprecated timer-based fence polling strategy, leaving the
async callback-based strategy that is now in use by all Rutabaga
components.
BUG=b:175527587
TEST=glxgears & vkcube in ChromeOS VM
TEST=Vulkan & OpenGL games in ChromeOS VM
TEST=GfxBench in ARCVM
TEST=Asphalt 9 in ARCVM
Change-Id: I75714f82e36f1d6291a875fe3dd47d850ff2eb82
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3880586
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Kaiyi Li <kaiyili@google.com>
Reviewed-by: Gurchetan Singh <gurchetansingh@chromium.org>
Commit-Queue: Ryan Neph <ryanneph@google.com>
Tested-by: Ryan Neph <ryanneph@google.com>
Type 11 SMBIOS OEM strings entries are commonly used to pass arbitrary
information into a VM. For example, systemd's credentials[1] system
looks for specially formatted values here.
The main goal here is to allow parameterization of a VM when we're
booting with OVMF, in which case providing parameters via the kernel
cmdline is less useful.
QEMU supports something similar, but this is a significantly simplified
approach, allowing only OEM strings instead of a wider range of DMI
table entries QEMU allows customizing.
[1]: https://systemd.io/CREDENTIALS/
BUG=b:244366989
TEST=cargo test; passed oem strings into vm and confirmed they are in
dmi tables
Change-Id: I5e106983e624c8a244b8074d6944bc0c9acfd748
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3868327
Auto-Submit: Mike Gerow <gerow@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Mike Gerow <gerow@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
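
An added illustration of the SMBIOS Type 11 (OEM Strings) layout the commit message above refers to; it is not crosvm's code. The function names, the error type and the sample credential string are assumptions made for this example. Because the string-set is NUL-delimited, the builder rejects empty strings and embedded NULs, and the parser checks the count byte against what it actually reads.

```rust
// Added example, not crosvm's implementation; all names are hypothetical.
const TYPE_OEM_STRINGS: u8 = 11;
const FORMATTED_LEN: u8 = 5; // type, length, handle (u16 LE), string count

#[derive(Debug, PartialEq)]
enum OemStringError { Empty, InteriorNul, TooMany }

/// Serialize `strings` as one SMBIOS Type 11 (OEM Strings) structure.
fn build_oem_strings(handle: u16, strings: &[&str]) -> Result<Vec<u8>, OemStringError> {
    if strings.len() > u8::MAX as usize {
        return Err(OemStringError::TooMany);
    }
    let mut out = vec![TYPE_OEM_STRINGS, FORMATTED_LEN];
    out.extend_from_slice(&handle.to_le_bytes());
    out.push(strings.len() as u8);
    for s in strings {
        // The string-set is NUL-delimited: an empty string or an embedded NUL
        // would truncate the value or shift the index of every later string.
        if s.is_empty() { return Err(OemStringError::Empty); }
        if s.bytes().any(|b| b == 0) { return Err(OemStringError::InteriorNul); }
        out.extend_from_slice(s.as_bytes());
        out.push(0);
    }
    if strings.is_empty() { out.push(0); } // an empty string-set is two NULs
    out.push(0); // terminator of the string-set
    Ok(out)
}

/// Parse the structure back the way a guest-side DMI reader walks it.
fn parse_oem_strings(buf: &[u8]) -> Option<Vec<String>> {
    if buf.len() < 5 || buf[0] != TYPE_OEM_STRINGS { return None; }
    let formatted_len = buf[1] as usize;
    if formatted_len < 5 || buf.len() < formatted_len { return None; }
    let mut rest = &buf[formatted_len..];
    let mut strings = Vec::new();
    loop {
        let end = rest.iter().position(|&b| b == 0)?; // missing terminator
        if end == 0 { break; }
        strings.push(String::from_utf8(rest[..end].to_vec()).ok()?);
        rest = &rest[end + 1..];
    }
    // The count byte must agree with what the string-set actually holds.
    if strings.len() == buf[4] as usize { Some(strings) } else { None }
}

fn main() {
    // Constructed sample value in the systemd credential form.
    let table = build_oem_strings(0x0100, &["io.systemd.credential:example=value"]).unwrap();
    println!("{:?}", parse_oem_strings(&table));
    println!("{:?}", build_oem_strings(0x0100, &["a\0b"]));
}
```
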
The derived method matches what we provide, so just use the derived
method instead of unnecessarily creating our own.
BUG=b:244366989
TEST=build, confirm smbios entries still work
Change-Id: Ia5668c4bcf496cfadcc8f7ca153661df6a1d180d
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3881045
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Auto-Submit: Mike Gerow <gerow@google.com>
Tested-by: Mike Gerow <gerow@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Allow PciDevice implementations to indicate that they do not want an IRQ
assigned at all (e.g. for modern PCIe devices that do not support INTx#
interrupts, only MSI/MSI-X) or if they do not have a preferred IRQ but
just want any available IRQ allocation.
BUG=b:245361233
TEST=tools/presubmit --all
Change-Id: Ic6c86d4ce727a7c1b91080873deee5add23f3c9f
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3877203
Reviewed-by: Dmytro Maluka <dmy@semihalf.com>
Tested-by: Dmytro Maluka <dmy@semihalf.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Dmitry Torokhov <dtor@chromium.org>
Now that Interrupt owns the interrupt_status as well, we can merge the
two separate Arc wrappers into a single one.
BUG=b:244204463
TEST=tools/presubmit --all
Change-Id: I1c21da31c3e4e8d11ac29cd1c541c20db178591e
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3866049
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Daniel Verkamp <dverkamp@chromium.org>
Per ACPI Machine Language (AML) Specification, all integer encodings
are equally accepted; hence one can always use the shortest possible forms.
BUG=None
TEST=./tools/presubmit
Change-Id: I7f1802607e173d41d1ae9ba26a036e9bfcd95121
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3878738
Tested-by: Victor Ding <victording@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Auto-Submit: Victor Ding <victording@chromium.org>
LockRule indicates whether the Global Lock is to be used when accessing
a field, which is crucial for performing certain MMIO.
BUG=None
TEST=tools/presubmit
Change-Id: I2bbabaa87b85ae529878587c810166614383098c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3876762
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Auto-Submit: Victor Ding <victording@chromium.org>
Tested-by: Victor Ding <victording@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>