Commit graph

3013 commits

Author SHA1 Message Date
Daniel Verkamp
3f1a383a49 Exclude a few dead_code instances
These are mostly places where a field in a struct is only kept around
for lifetime reasons.

Annotating the individual instances means that we don't have to turn off
the warning for new code.

BUG=b:365852007

Change-Id: I9172ea28cc12779331cd48c2c6ad1003d7ca02f8
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5966505
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Dennis Kempin <denniskempin@google.com>
2024-11-05 00:16:59 +00:00
David Dai
6eb76a1a3c virtcpufreq_v2: Add a way to throttle vCPUs
The performance range of pCPU that the vCPU is running on is limited by
the frequency range that it supports. There are some usecases where even
running the pCPU at its lowest frequency will still be too fast to
accurately emulate a much smaller vCPU.

Add a worker to throttle the vCPU by adding a fixed amount of work to
the vCPU at varying intervals depending on the vCPU's requested
performance.

The relationship to determine the interval is:

THROTTLE_PERIOD = THROTTLE_TIME / (1.0 - VCPU_PERF / PCPU_PERF);

The worker will only throttle vCPU when it requests a performance point
below the performance of pCPU@Fmin, but otherwise falls back to using
frequency ratios to emulate smaller vCPUs.

By emulating correct vCPU sizes and topologies, this enables Cuttlefish
to accurately model real life SoCs and kernel scheduler behaviors inside
the guest. This allows for better power and performance related testing
at scale using ARM64 servers.

Bug=b:284367589
Test: tools/presubmit
Change-Id: Ide6f61a68ea59cee0db163829839ad575db1b208
Signed-off-by: David Dai <davidai@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5980807
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2024-11-04 22:21:35 +00:00
Daniel Verkamp
40dcc1885d devices: virtio-console: deprecate legacy-virtio-console option
The --serial command line option will still accept the old
`hardware=legacy-virtio-console` via a serde alias, but the actual enum
variant can be removed now that it is equivalent to VirtioConsole (since
https://crrev.com/c/5739275).

Change-Id: I0db0302c60707e38dfc93da1effe078046a7b321
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5788964
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Dmitry Torokhov <dtor@chromium.org>
2024-11-01 21:19:02 +00:00
David Dai
41f648e369 virtcpufreq_v2: Support scaling for custom sized vCPUs
Allow for custom vCPU capacity and frequency configurations
by applying a scale to requested and reported frequencies.

This allows users to emulate topologies that are different
from the host to mimic DVFS behaviors in guests that
are similar to real devices.

This is adapted from aosp/3195051.

Bug=b:284367589
Test: tools/presubmit
Change-Id: I48e8f6e7d7eb24eba25bcf98448279688a0c8fa9
Signed-off-by: David Dai <davidai@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5973949
Reviewed-by: Frederick Mayle <fmayle@google.com>
2024-10-31 19:13:41 +00:00
David Dai
94fce29ab0 Add freq_domain and CGroup V2 support
Allow users to specify frequency domain information along with
frequencies when configuring vCPUs. Many SoCs will scale multiple CPUs
under a single frequency domain. Enabling this feature allows for more
accurate SoC modeling when virtual cpufreq is supported.

Host needs to provide CGroupV2 hiearchies support when
enabling frequency domain emulation.

vCPUs that share a frequency domain will be placed under
the same cgroup and their performance will be adjusted together.

Bug=b:284367589
Test: tools/presubmit
Change-Id: I0a88796a4d9cbccc93caf3a07d8815968c733b49
Signed-off-by: David Dai <davidai@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5967454
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Frederick Mayle <fmayle@google.com>
2024-10-30 03:39:07 +00:00
Daniel Verkamp
9c13ce4cc3 devices: fs: check root_dir is a valid CString
Replace the unsafe CStr construction with a CString::new() call, and
check the result to ensure the passed string has no embedded NUL bytes.

BUG=None
TEST=tools/dev_container tools/presubmit

Change-Id: I67d4b9d1856c201441c807e5cd23c38f050ed21f
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5972799
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-10-29 17:58:55 +00:00
Daniel Verkamp
2550f35681 devices: fs: use C string literals to avoid unsafe
Many of the CStr instances were constructed from byte arrays, which can
now be replaced with c"..." literals to avoid the need to call unsafe
CStr::from_bytes_with_nul_unchecked().

BUG=None
TEST=tools/dev_container tools/presubmit

Change-Id: I5fe141dfc10da02b77f80c9b44fdf77018fc4561
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5972798
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
2024-10-29 17:58:50 +00:00
Yuan Yao
18e1454927 bat: Add fake_power/resume_fake_power crosvm_control api
This CL adds two crosvm_control APIs for faking power and resuming
power from fake configuratiion. The APIs are designed for support arcvm
doze mode.

The crosvm_client_fake_power() is used to set battery's fake
configuration. The power status will always be on battery, which means
ac_online=0. Also, the maximum battery capacity that could be read by
guest is set to max_battery_capacity.

The crosvm_client_cancel_fake_power() is used to resume battery from
fake configuration. The battery device will report real host power
status.

BUG=b:353609634
TEST=write C program to call api & test manually

Change-Id: I30513847cfacc211bce885d2ff794fc7ae535c7c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5715936
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Yuan Yao <yuanyaogoog@chromium.org>
2024-10-29 07:04:36 +00:00
Daniel Verkamp
d3851eab02 devices: fix clippy::manual_unwrap_or_default lints
Use unwrap_or() rather than unwrap_or_default() to clarify which values
will be returned in the error case; this still satisfies the clippy
analyzer.

BUG=b:365852007

Change-Id: I7d8b0b856a39f8e211248179a5befd2bd6a11851
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5966503
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
2024-10-28 17:42:27 +00:00
Kaiyi Li
de09e2edbb devices: vhost-user: device: gpu: remove unnecessary imports
We actually don't need to import the SinkExt trait.

Bug: b/375619688
Test: presubmit
Change-Id: I803fb72aa1fa3f4f5a6c415b13a28102c8f8bfb7
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5967223
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-10-28 17:23:34 +00:00
Keiichi Watanabe
f67ee911d9 devices: fs: Allow running virito-fs without root
We usually requires the root permission or sandboxing to run
virtiofs to do bind-mount and pivot_root inside
of a mount namespace.

This CL allows non-root user wherein "root_dir" defaults to the
path provided via "--shared-dir". This override is currently
enabled when "fs_runtime_ugid_map" feature is enabled.

Bug=b:340940950
Test: Launch Terminal App with virtiofs enabled.
Verify virtiofs mounts on guest and run basic I/O tests.
Change-Id: Icc0065cb11dd919f473e5d3ee994e7f8d679ecd0
Signed-off-by: Akilesh Kailash <akailash@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5945445
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
2024-10-26 00:21:18 +00:00
Kaiyi Li
4d70c7310d devices: vhost-user: device: gpu: do not hold the mutable reference when cancelling
It's possible that the running task can also hold a mutable reference to
platform_workers and end up with a panic.

Bug: b/375619688
Test: run the emulator
Change-Id: I3538856c7702976df9a8b661dd5dd95cc27d4ca8
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5967475
Commit-Queue: Kaiyi Li <kaiyili@google.com>
Reviewed-by: Frederick Mayle <fmayle@google.com>
2024-10-25 23:06:22 +00:00
Jason Macnak
9bd5e72cdf rutabaga_gfx: Make fence state snapshot-able with serde json
... by serializing/deserializing the map as a series of kv pairs
to avoid `key must be a string` errors with JSON.

Bug: b/369615058
Test: cvd start --enable_virtiofs=false
Test: cvd snapshot_take --snapshot_path=/tmp/snapshot1
Test: cvd create --snapshot_path=/tmp/snapshot1
Change-Id: I037e8e3659b52fa2983712425381431a0bebab87
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5917178
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Jason Macnak <natsu@google.com>
2024-10-25 20:20:17 +00:00
Jason Macnak
846b26e08e devices: virtio_gpu: Separate snapshot from suspend
... so that every suspend() + snapshot() + resume() cycle does not
reset the underlying renderer state.

Bug: b/369615058
Test: cvd start --enable_virtiofs=false
Test: atest FastbootRebootTest
Test: cvd snapshot_take \
      --force \
      --auto_suspend \
      --snapshot_path=/tmp/snapshot1
Change-Id: Ie34e4b2ca8ff27269aa6d06bb91fd49bdc28f142
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5907647
Commit-Queue: Jason Macnak <natsu@google.com>
Reviewed-by: Elie Kheirallah <khei@google.com>
Reviewed-by: Frederick Mayle <fmayle@google.com>
2024-10-25 16:13:13 +00:00
Daniel Verkamp
6c57e3373a Use inspect_err in place of map_err where appropriate
A new clippy lint in Rust 1.81 warns about map_err() when the error is
not actually modified, just returned intact. Replace the affected cases
with inspect_err(), which allows the provided function to peek at the
error (if there is one) without modifying/replacing it.

BUG=b:365852007

Change-Id: I556a994011977420e6041ff4c6ea3bec06496014
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5852616
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
2024-10-24 18:21:43 +00:00
Jason Macnak
94971fd073 devices: virtio_gpu: save and restore shmem offset
... for mapped resources by remapping into the guest on restore.

Bug: b/369615058
Test: b/369615058#comment1
Change-Id: Ic6194c312b019a83b8eee94b082ed2f7e9c249a4
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5907646
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Jason Macnak <natsu@google.com>
2024-10-24 15:53:01 +00:00
Jason Macnak
a4d827dedd rutabaga_gfx: Add suspend/resume hooks for components
... so that Gfxstream can suspend/resume RenderThreads/ASGs
before/after snapshots.

Bug: b/369615058
Test: build
Change-Id: Ia517d03e9d6601a3533dce80a3b36a6e1ac2be89
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5907645
Reviewed-by: Gurchetan Singh <gurchetansingh@chromium.org>
Commit-Queue: Jason Macnak <natsu@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2024-10-23 21:38:01 +00:00
David Dai
ecdd71ae76 devices: add virtcpufreq_v2
Add the 2nd version of virtual cpufreq device emulation compatible with
the guest <-> host interface used in the V7 patch series of virtual
cpufreq.

See https://lore.kernel.org/all/20240919000837.1004642-1-davidai@google.com/

--virt-cpufreq-v2 is not compatible with v1 and only one version of the
device can be enabled at one time. V1 will be deprecated once the
switch occurs on Android.

Bug=b:284367589
Test: tools/presubmit
Change-Id: Ifb57e6912da0e48663e4308686e930d4c4056ce5
Signed-off-by: David Dai <davidai@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5956880
Reviewed-by: Frederick Mayle <fmayle@google.com>
2024-10-23 18:34:53 +00:00
Jason Macnak
ad154e6d7d devices: virtio_gpu: Keep state across sleep/wake
Prior to this change, virtio_sleep() would take a snapshot and
then completely destroy the underlying renderer via the

  std::mem::drop(worker.state);

and then virtio_wake() would create a new renderer and attempt
to restore the previous state.

Sleep and waking without a snapshot load should be a non
destructive operation. This change attempts to make the
underlying renderer state persistent by updating the GPU worker
to be created once (start_worker_thread() now only called once)
and updating the worker to send/recv deactivation/activation
resources back to the main thread after sleeps/wakes.

Bug: b/369615058
Test: cvd start --enable_virtiofs=false
Test: atest FastbootRebootTest
Test: cvd snapshot_take \
      --force \
      --auto_suspend \
      --snapshot_path=/tmp/snapshot1
Change-Id: I6427c27ee4c21c3e7b1095fbfffb69afcd2a8d24
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5900696
Commit-Queue: Jason Macnak <natsu@google.com>
Reviewed-by: Elie Kheirallah <khei@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Idan Raiter <idanr@google.com>
2024-10-23 17:14:37 +00:00
David Dai
58f13de711 Revert "devices: add virtcpufreq_v2"
This reverts commit 97490c5252.

Reason for revert: Buggy

Original change's description:
> devices: add virtcpufreq_v2
>
> Add the 2nd version of virtual cpufreq device emulation compatible with
> the guest <-> host interface used in the V7 patch series of virtual
> cpufreq.
>
> See https://lore.kernel.org/all/20240919000837.1004642-1-davidai@google.com/
>
> --virt-cpufreq-v2 is not compatible with v1 and only one version of the
> device can be enabled at one time. V1 will be deprecated once the
> switch occurs on Android.
>
> Bug=b:284367589
> Test: tools/presubmit
> Change-Id: I125c8f3de5b4c81003ad301d29e7979aef685e00
> Signed-off-by: David Dai <davidai@google.com>
> Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5943185
> Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>

Bug: b:284367589
Change-Id: I370fe9d5784bf6ebc3e2f4cf1e3a3536c2879eb9
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5953595
Reviewed-by: Frederick Mayle <fmayle@google.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: David Dai <davidai@google.com>
Auto-Submit: David Dai <davidai@google.com>
2024-10-23 00:43:46 +00:00
David Dai
97490c5252 devices: add virtcpufreq_v2
Add the 2nd version of virtual cpufreq device emulation compatible with
the guest <-> host interface used in the V7 patch series of virtual
cpufreq.

See https://lore.kernel.org/all/20240919000837.1004642-1-davidai@google.com/

--virt-cpufreq-v2 is not compatible with v1 and only one version of the
device can be enabled at one time. V1 will be deprecated once the
switch occurs on Android.

Bug=b:284367589
Test: tools/presubmit
Change-Id: I125c8f3de5b4c81003ad301d29e7979aef685e00
Signed-off-by: David Dai <davidai@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5943185
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2024-10-23 00:16:04 +00:00
Frederick Mayle
2c73ec1f07 devices: vhost_user_frontend: panic if worker fails
If the worker exits early with an error, then the device is
disfunctional: we can't detect if the device disconnected and
we can't handle IRQ resample requests (needed for aarch64).

Also tweaked some error messages.

TEST=start VM using vhost-user block device without https://crrev.com/c/5937871 an witness crash instead of just a log

Change-Id: I8f6832481a578c5f7dcec27d6c5df430f2d5b348
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5941521
Auto-Submit: Frederick Mayle <fmayle@google.com>
Commit-Queue: Frederick Mayle <fmayle@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-10-17 21:03:54 +00:00
Daniel Verkamp
4f06b28a94 devices: vhost-user frontend: fix backend_req on Linux
On Linux, we don't need to monitor anything special to get close
notifications; the Token::ReqHandlerRead event will be generated when
the fd closes (with is_hungup = true) and the closure will be handled
inline.

Adding the same backend_req_handler.get_read_notifier() to the wait_ctx
again causes an error, since that fd was already added in a previous
call.

BUG=None
TEST=`crosvm device block` + `crosvm run`

Fixes: 8de3640c01 ("devices: vhost-user frontend: rewrite worker as non-async")
Change-Id: I1318c5395670476bdc333a2bae1e8c8aba2c658e
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5937871
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-10-17 04:04:23 +00:00
Daniel Verkamp
93272c20b6 devices: bus: add test for read() zeroing behavior
As a follow-up to https://crrev.com/c/5913962 ("hypervisor: pass
IoOperation data as slices"), add a test to verify that Bus::read()
fills the passed data buffer with 0s even if there is no device on the
bus at the requested location.

Change-Id: Ief1359c4c4172865aad5fc1d97b5a3fc96527962
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5936289
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-10-16 17:24:55 +00:00
Yuan Yao
18f43226d2 devices: bat: get power property before first read
Previously, before powerd monitor is set up and receives first broadcast
signal from powerd, the read() function will return default initial
power property, which does not reflect the real host battery.

This Cl makes goldfish battery device request to get power property
before first time read. It is achieved by sending
GetPowerSupplyProperties dbus request to powerd.

BUG=b:361281568
TEST=deploy to DUT & test

Change-Id: I5044ded5efc744525dfe87fe81370f202f0a43fb
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5918906
Commit-Queue: Yuan Yao <yuanyaogoog@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
2024-10-16 09:16:32 +00:00
Daniel Verkamp
40920e7278 hypervisor: pass IoOperation data as slices
Previously, the Vcpu handle_io() and handle_mmio() functions used an
IoOperation containing a fixed-length data array to represent a write
and returning a fixed-length data array to represent a read, along with
a separate size field to indicate how much of the fixed-length array
should be read/written.

This change uses Rust slices to represent the I/O data instead:
- Write contains a &[u8] of data to be written.
- Read contains a &mut [u8] to be filled with the read data.

The new IoOperation matches the Bus read()/write() APIs more closely,
and avoids the need for hypervisors and callers to convert between
fixed-size arrays and slices.

The Bus::read() function now always initializes the data slice before
(potentially) calling a device's read() function. This ensures
consistent results even if a device does not always fill out every data
byte (for example, the default BusDevice read() handler that is a no-op)
or if no device is found. This replaces the previous zeroing that would
happen when initializing the read data array to return from handle_fn.
Without this, the data slice may have had stale data from the previous
MMIO/IO exit, depending on the hypervisor implementation.

No functional change intended.

BUG=b:359382839
TEST=tools/dev_container tools/presubmit

Change-Id: Id88ebfa7ece5cc7466c010db2cbde303aeb97bf8
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5913962
Reviewed-by: Vaibhav Nagarnaik <vnagarnaik@google.com>
Reviewed-by: Noah Gold <nkgold@google.com>
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-10-15 20:21:19 +00:00
Yuan Yao
17a737e4ae vmm_host: Support vhost_user front-end device monitor sockets in Windows
The chromium:5889431 makes vhost_user front-end device monitor the socket
connection for linux and Android. This CL makes this logic also present
in Windows.

BUG=b:369513363
TEST=tools/dev_container tools/presubmit

Change-Id: Ic7c4fa6c4b85f1d0ee34922a58f47f32f8f20d60
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5906971
Reviewed-by: Frederick Mayle <fmayle@google.com>
Reviewed-by: Noah Gold <nkgold@google.com>
Commit-Queue: Yuan Yao <yuanyaogoog@chromium.org>
2024-10-15 04:05:51 +00:00
Yuan Yao
16298be6a3 vmm_host: Make vhost_user front-end device monitor sockets
This CL adds epoll monitoring socket(in backend_client) for
vhost_user_frontend. The monitored event fd is created from
backend_client's close_notifier. If the connection is broken, it means
vhost_user device exits unexpectedly, the crosvm should panic and exits.

BUG=b:369513363
TEST=start vhost_user device & kill the device & verified the crosvm
panic

Change-Id: I1b82aadc8d924978fe03d87a306f199781b428e3
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5889431
Reviewed-by: Noah Gold <nkgold@google.com>
Commit-Queue: Yuan Yao <yuanyaogoog@chromium.org>
Reviewed-by: Frederick Mayle <fmayle@google.com>
2024-10-15 04:04:41 +00:00
Daniel Verkamp
8de3640c01 devices: vhost-user frontend: rewrite worker as non-async
Also get rid of the platform-specific worker code in sys, since we can
use ReadNotifier and CloseNotifier to implement the worker in a way that
works on Linux and Windows.

BUG=b:370853464

Change-Id: I14e7f33a584728f9cf54ab807a32b2655b119749
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5901870
Reviewed-by: Noah Gold <nkgold@google.com>
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Yuan Yao <yuanyaogoog@chromium.org>
2024-10-15 04:04:36 +00:00
Akilesh Kailash
4775054dbd device: fs: Setup UID-GID mapping between guest and host without user-namespace.
The virtio-fs usually does mapping of UIDs/GIDs between host and guest with user namespace.
In Android, however, user namespace isn't available for non-root users.
This CL allows mapping UIDs and GIDs without user namespace by intercepting FUSE
requests and translating UID/GID in virito-fs's process at runtime.

This leverages pretty much ARCVM usage of FS_IOC_SETPERMISSION ioctl;
however, in this case, host sets up the permission and the UID-GID
mapping.

The format to set the mapping:

"guest-uid,guest-gid,host-uid,host-gid,umask,path;<repeat
for other paths>"

guest-uid: UID to be set for all the files in the path inside guest.
guest-gid: GID to be set for all the files in the path inside guest.
host-uid: UID to be set for all the files in the path in the host.
host-gid: GID to be set for all the files in the path in the host.
umask: umask to be set at runtime for the files in the path.
path: This is the relative path from the root of the shared directory.

Current this is supported only for vhost-user-fs.

Start the device:

$/apex/com.android.virt/bin/crosvm device fs --socket=/tmp/virtiofs --tag=android \
--shared-dir=/data/media/0 \
--cfg=cache_policy=always,uid_gid_map="1000 1000 10286 1023 0007 /DCIM;1000 1000 1023 1023 0007 /Android" \
--disable-sandbox

CrosVM will pass "--vhost-user-fs=/tmp/virtiofs,tag=android" when
ferrochrome app is started.

In the guest (in CrOS) for "chronos" user:

$mount -t virtiofs android Downloads/

Verify DCIM/ and Android/ directories have "chronos" UID and GID.

Create files inside DCIM/ and verify UID and GID's are correctly set on
the host.

Bug=b:340940950
Test: Launch ferrochrome app passing /storage/emulated/0 and mount
virtiofs inside CrOS (guest VM).

Change-Id: I637ad11eaaf8da58df7d1b04bf2fef05856a95a5
Signed-off-by: Akilesh Kailash <akailash@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5852617
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
2024-10-11 06:34:30 +00:00
Daniel Verkamp
a9b621c628 devices: vhost-user-fs backend: reuse virtio worker
Reuse the virtio-fs device worker thread implementation to replace the
async vhost-user fs backend. This makes the vhost-user-fs device
independent from the async executor, though it is still needed for the
request handler itself currently.

BUG=b:347782866
TEST=tools/dev_container tools/presubmit
TEST=run `crosvm device fs` and mount the fs in a VM

Change-Id: If4d2bb8c56a88ddac6a3691759cc645cc63b5d24
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5909655
Reviewed-by: Yuan Yao <yuanyaogoog@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
2024-10-08 19:31:01 +00:00
Frederick Mayle
511af5a116 disk: windows: restrict file sharing
This makes the behavior closer to Linux (which uses flock).

Change-Id: Iff587b58647eec7378972e5442d4da95f3e2b7a8
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5841071
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Noah Gold <nkgold@google.com>
Commit-Queue: Frederick Mayle <fmayle@google.com>
2024-10-07 21:30:55 +00:00
Alexandre Courbot
82e0b2f81c devices: add IDs and constants for virtio-media
BUG=b:308718439
BUG=b:348316475
BUG=b:347118653
TEST=emerge-brya chromeos-base/crosvm

Change-Id: I6c795cf2f5d384670c8f15722c0d91ba2b3c22a2
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5906969
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-10-07 17:48:23 +00:00
Elie Kheirallah
d40b9d103d devices: virtio: add Virtio device state machine
BUG=N/A
TEST=N/A

Change-Id: Ic92a2c353e8d763f28559111c8e54f9329ec01a3
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5907641
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Elie Kheirallah <khei@google.com>
Reviewed-by: Frederick Mayle <fmayle@google.com>
Auto-Submit: Elie Kheirallah <khei@google.com>
2024-10-03 22:26:33 +00:00
Elie Kheirallah
6123945470 devices: virtio: virtio suspendable macro fix and comment
Put device to sleep before restoring.
Add some comments for clarity when creating a new device.

BUG=b:292276136
TEST=presubmit

Change-Id: I166d57437c429cb6bb59179abcc6bd923ca5f55b
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5906228
Commit-Queue: Frederick Mayle <fmayle@google.com>
Commit-Queue: Elie Kheirallah <khei@google.com>
Reviewed-by: Frederick Mayle <fmayle@google.com>
Auto-Submit: Elie Kheirallah <khei@google.com>
2024-10-03 21:46:54 +00:00
Daniel Verkamp
76ca442212 devices: vhost-user frontend: shorten thread name
The worker thread used to be named "vhost_user_virtio_{type}", which is
too long to fix in the 15 characters available for thread names on
Linux. Use the device's debug_label() instead, which follows the pattern
"vu-{type}", so the threads for different devices can be distinguished.

Change-Id: I8cadf54518724c5a764a0b28b0bc4144cd938d1e
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5906571
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Frederick Mayle <fmayle@google.com>
2024-10-03 17:47:22 +00:00
Daniel Verkamp
3b767d235d crosvm device: add --socket-path and --fd, deprecate --socket
Similar to the recent `crosvm device fs` change c32a063c84
("vmm_host: support creating VhostUserStream from socket fd"), allow
the --fd option to use an existing connected socket from an already open
file descriptor.

Additionally, add the --socket-path option to replace --socket.

This matches the vhost-user backend program conventions:
<https://qemu-project.gitlab.io/qemu/interop/vhost-user.html#backend-program-conventions>

The old --socket option continues to be supported while callers
transition to the new --socket-path option.

Unfortunately, the argh crate does not support flattening option structs
(https://github.com/google/argh/issues/15), so it is not possible to
share the common device options currently; they are just duplicated in
the Options struct for each device.

`crosvm device net` is not updated yet, since it supports multiple
vhost-user backends in one instance and uses non-standard argument
parsing.

Change-Id: I873de8c81e41dfdf7939878b2fd572cc62a2a099
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5877432
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Frederick Mayle <fmayle@google.com>
2024-09-24 22:10:51 +00:00
Daniel Verkamp
b073f872d4 devices: vhost-user: remove keep_rds from VhostUserStream::new_socket_from_fd()
Implement AsRawDescriptor instead.

Change-Id: I8163c020a253ec74148232ea30f7d71be10ef465
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5883911
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-09-24 20:09:26 +00:00
Ryan Neph
815213a967 devices: virtio_gpu: declare cache type for SharedMemoryRegion lazy init
Ensures the single KVM memslot used with virtio_gpu fixed-blob-mapping
is configured with the correct MemCacheType (i.e. with CacheNonCoherent
on devices that build with --feature=noncoherent-dma).

BUG=b:360295883, b:246334944
TEST=ARCVM Play Store gui opens correctly

Change-Id: I305bd5a5708fa165d2a584dd57f8ce3e20b954ba
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5871722
Reviewed-by: David Stevens <stevensd@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Ryan Neph <ryanneph@google.com>
2024-09-20 00:47:41 +00:00
Ryan Neph
d93be1b11d virtio: optional prepare of pci bar mapping with explicit MemCacheType
Lazy-init of VirtioPciDevice shared memory region (to setup hypervisor
mapping) would previously use the MemCacheType seen on first mapping,
which could be anything -- this behavior is never desired, but grew from
a later addition of MemCacheType workaround to the existing Virtio "Fixed
Mapping" optimization.

On devices where the single hypervisor mapping's MemCacheType matters
(e.g. for devices that must configure it with
MemCacheType::CacheNonCoherent), if the first mapping attempted is for a
shmem with WB caching, all later mappings with WC or UC memtype would be
configured incorrectly.

Instead, query the VirtioDevice Trait implementator whether lazy-init of
a single hypervisor mapping should be used (the default), and with which
MemCacheType.

Attempting to later add a `CacheNonCoherent` mapping for a device that
explicitly declared `SingleMappingOnFirst(CacheCoherent)` is invalid,
and would lead to bugs, so we now treat this as an error and fail the
mapping altogether.

VirtioGpu device implementations will use this for devices with either
mandatory or optional-but-enabled non-coherent DMA (e.g. Intel devices
without coherent LLC shared between CPU/GPU, or that may opt to bypass
LLC coherency for optimal perf).

BUG=b:360295883, b:246334944
TEST=Builds

Change-Id: If41d238fd3c220e45c61d78da4a2505572709053
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5871721
Commit-Queue: Ryan Neph <ryanneph@google.com>
Reviewed-by: David Stevens <stevensd@chromium.org>
2024-09-20 00:33:26 +00:00
Keiichi Watanabe
ca5a9cf1a8 pmem-ext2: Create ext2 filesystem after minijail fork
Running mkfs can take a long time because it scans the given directory
entirely.
Running it in the main process blocks the initialization of other devices.
Also, since minijail's fork does not allow threads to exist in the same
process, we can't spawn a thread in the main process.

So, with this CL, we fork a new jailed process for creating a filesystem
on memory as well as the existing pmem device process.
This allows ext2 to be created in parallel with the VM boot process.
Also, we can restrict pmem's device process and the new filesystem
creation process with different seccomp policy.

You can find sequence diagram of the processes in go/virtio-pmem-ext2.

BUG=b:329359333
TEST=run VM on workstation

Change-Id: I60c12caddb22fc59389c317dea7e1102a4772e01
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5644847
Reviewed-by: Junichi Uekawa <uekawa@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Takaya Saeki <takayas@chromium.org>
2024-09-20 00:21:26 +00:00
Frederick Mayle
44d897e63f vmm_vhost: delete legacy snapshot implementation
BUG=b:301269927

Change-Id: Ie3e32ea05348809c1a5aba0fdf49f8adbf267609
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5876342
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Auto-Submit: Frederick Mayle <fmayle@google.com>
Commit-Queue: Frederick Mayle <fmayle@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2024-09-19 22:52:10 +00:00
Daniel Verkamp
96afbc3dd6 vmm_vhost: replace SystemStream with Connection in pub API
The vmm_vhost::Connection type is now used consistently to represent a
vhost-user connection in the places that previously used a SystemStream
(which is either UnixStream or Tube depending on the platform).

This cleans up the vmm_vhost public API and also keeps more of the
internal vhost-user implementation encapsulated inside the vmm_vhost
library.

The conversion to Connection for unix has also been improved to
propagate the error via TryFrom instead of From, resolving a TODO
comment.

Change-Id: Ib02d300a04304242f7be7e1661c0213c25c7a4f1
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5874103
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-09-19 21:19:33 +00:00
Richard Zhang
adb8234a12 Revert "gpu: Add parameter for a custom cursor file"
This reverts commit 2744e5fef6.

Reason for revert: This cmd line param is no longer being used

BUG=b:364906315

Original change's description:
> gpu: Add parameter for a custom cursor file
>
> This will be used to display a custom mouse cursor for Surfaces. This CL
> won't change any functionality
>
> BUG=b:362814745
> TEST=builds and presubmits
>
> Change-Id: If4e5a41bdaa92fecf680aa09fe8e2ca154946d07
> Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5825087
> Reviewed-by: Noah Gold <nkgold@google.com>
> Commit-Queue: Richard Zhang <rizhang@google.com>
> Reviewed-by: Pujun Lun <lunpujun@google.com>

Bug: b:362814745
Change-Id: Ib975f92e96e3adb07e1fa27d1a5e6c870e76881a
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5876365
Commit-Queue: Richard Zhang <rizhang@google.com>
Reviewed-by: Noah Gold <nkgold@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2024-09-19 19:20:09 +00:00
Keiichi Watanabe
56ada36fc0 base: Make max_open_files() return both soft and hard limits
Make base::max_open_files() return the rlimit64 struct intead of
its rlim_max field.
This will be helpful when changing the soft limit in the following
CL.

BUG=b:329359333
TEST=presubmit

Change-Id: I2738c325f4f1ed19ae021e0b8a50a6a1592c5592
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5872162
Commit-Queue: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2024-09-19 01:22:00 +00:00
Daniel Verkamp
934322f32e devices: vhost-user: remove keep_rds from VhostUserListener::new()
Most callers don't want this functionality, and the ones that do can
easily handle it themselves.

Change-Id: I93cf7fe0237428256b10ff72e87cfd888d5fdd1d
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5871724
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-09-18 19:39:24 +00:00
Daniel Verkamp
126a2818d2 devices: vhost-user: unify VhostUserListener constructors
The VhostUserListener new() and new_socket() are identical; replace all
of them with new(). The "socket" name was left over from the VVU
cleanup; in the current code, VhostUserListener always listens on a unix
domain socket.

Change-Id: I51b1beeb1c17431e08708e70dc252b78c77e747d
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5871723
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-09-18 19:39:18 +00:00
Daniel Verkamp
d6976ef66b Fix byte_char_slices clippy warnings
BUG=b:365852007

Change-Id: I18bfdcc077cc871ea98e9d6deed5514a6e7d2aa5
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5852613
Reviewed-by: Chih-Yang Hsia <paulhsia@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
2024-09-17 19:49:53 +00:00
Daniel Verkamp
bd52961574 devices: virtio_gpu: simplify remove_displays()
Iterate over the Vec of display_ids directly, rather than converting
them into a BTreeSet first, and use a regular `for` loop rather than
`try_for_each()`.

Additionally, the `scanouts.get_mut()` looked up the scanout once, then
the `scanouts.remove()` looked it up again; `remove()` returns the
removed item, so the `get_mut()` lookup can be avoided entirely.

Also avoids a clippy manual_inspect lint in Rust 1.81.

BUG=b:365852007

Change-Id: If0bf16c0d886315a8d81bcb072ff873dd132e062
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5852612
Reviewed-by: Jason Macnak <natsu@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Frederick Mayle <fmayle@google.com>
2024-09-11 21:19:23 +00:00
Yuan Yao
6547cd1661 vmm_host: Make VhostUserStream blocking
The VhostUserStream is set to non_blocking before running handler now.
However, the VhostUserStream is created from connection sockets, so it
does not call accept and handle error. This CL removes the line setting
VhostUserSteam to non_blocking.

Also, this CL fixes several incorrect comments.

BUG=b:365458565
TEST=run manual test

Change-Id: I7803fc4c277559f98be4f0bd93b2bb77564ef93c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5838947
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Yuan Yao <yuanyaogoog@chromium.org>
2024-09-11 02:02:51 +00:00