VirtioPciCap omits the `cap_vndr` and `cap_next` fields from it's
definition, deferring the instantiation of these bytes to the
add_capability method in PCI configuration. There is even a
comment on add_capability that mentions this omission.
Unfortunately, comments tend not to be read, and mismatches between
the linux headers and crosvm structures can result in some subtle
and tricky to debug bugs, especially when implementing other types
of virtio capabilties that subsume VirtioPciCap.
Case in point, when implementing the VirtioPciShmCap (used by
virtio-fs), this subtle mismatch resulted in a bug where an
additional 2 bytes of padding were inserted between the `cap` member
and the `offset_hi` member (see CL:1493014 for the exact struct).
Since the cap_len field was instantiated using mem::sizeof Self, the
additional padding just-so-happened to be the perfect ammount to sneak
past the sanity checks in add_capabilities. The bug manifested itself by
shifting over the length_hi field by 16 bits, resulting in much larger
than expected cache sizes.
This CL brings the VirtioPciCap structures in-line with their
linux/virtio_pci.h counterparts, marking the structures as repr(C) (as
opposed to repr(packed)) and leaving the cap_vndr and cap_next members
in the struct, noting that they will be automatically populated in
add_capability.
BUG=chromium:936567
TEST=cargo test -p devices, boot vm
Change-Id: Ia360e532b58070372a52346e85dd4e30e81ace7a
Reviewed-on: https://chromium-review.googlesource.com/1540397
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Removes an unnecessary Option from the return type.
Also added a note about moving PCI methods out of the VirtioDevice
trait, as the trait shouldn't be tied to any particular transport layer.
BUG=chromium:936567
TEST=cargo build --features=gpu
Change-Id: I2c75c830bbe2d2b4a15461e8497535c526775bbe
Reviewed-on: https://chromium-review.googlesource.com/1536206
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Using non-linear buffer seems to be safe based on the apps I've
tested. This is similiar to the ARC++ use case, which also doesn't
explicitly send modifiers to Chrome.
BUG=chromium:945033
TEST=clear_clear goes from 980 mpixels --> 6797.90 mpixels
on Nami
Change-Id: I2dcb78366c2d2d83d64bb23f6da1f07c8747819c
Reviewed-on: https://chromium-review.googlesource.com/1538463
Commit-Ready: Gurchetan Singh <gurchetansingh@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Riley <davidriley@chromium.org>
Reviewed-by: Chia-I Wu <olv@google.com>
Reviewed-by: Stéphane Marchesin <marcheu@chromium.org>
favor `if let` over `match` for destructing a single value.
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Change-Id: I0c09d7ffc380e84d7413d6fed338d65a60563a8f
Reviewed-on: https://chromium-review.googlesource.com/1510069
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Fuzz using the data as a qcow image with an offset and value to write to
the image.
Change-Id: Iff8f2971ba716c93d978e33338ad62b5d487c115
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/871132
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
As of Rust 1.33.0, use of trim_left_matches warns that it is
deprecated and should be replaced with trim_start_matches.
BUG=None
TEST=build_test
Change-Id: I42bd5dba10aeffcd076882d28cb02551c50ff614
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1534963
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
When compiling unit tests in the pre-cq, the Cargo.lock file is deleted.
Testing a sub-crate without a lock file will cause the protobuf
dependency to resolve to the latest version of protobuf, which varies
based on whatever other cros-rust.eclass based ebuilds have been run
beforehand. This change fixes that source of flake.
BUG=None
TEST=pre-cq
Change-Id: Ief951391c08b0f0cc9ff035437824d89860455e2
Reviewed-on: https://chromium-review.googlesource.com/1534962
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
There is now infrastructure for running fuzzers in cros, use it.
Change-Id: I53ec9e195b7062fdcc38b5186c1f3194031037f3
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1521667
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Building off CL:1290293
Instead of having a seperate GuestMemoryManager, this adds SharedMemory
as a Arc'd member of GuestMemory. This is nice since it removes the need
to plumb the Manager struct throughout the codebase.
BUG=chromium:936567
TEST=cargo test -p sys_util
Change-Id: I6fa5d73f7e0db495c2803a040479818445660345
Reviewed-on: https://chromium-review.googlesource.com/1493013
Commit-Ready: Daniel Prilik <prilik@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
The putting the hostname in the syslog header of messages sent to
/dev/log isn't widely supported. It isn't understood by rsyslogd by
default, and it isn't understood by journald. Remove it as it provides
no value to us.
BUG=None
TEST=Ensure journal properly parses the header from crosvm log messages
Change-Id: I9bba78925f048f7d2ce6320b00b9fa52f070ce51
Reviewed-on: https://chromium-review.googlesource.com/1525139
Commit-Ready: Christopher Morin <cmtm@google.com>
Tested-by: Christopher Morin <cmtm@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Check for failures of the PciDevice register_device_capabilities
function. This fixes a build warning about ignoring a Result.
BUG=None
TEST=Boot Crostini on nami; cargo build without warnings
Change-Id: I48458a3a19a99a471d4c91c9761d35dc8dd2ef20
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1526329
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Prilik <prilik@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The RawFd import is only used when sandboxed-libusb is set, so put it
behind a cfg check.
BUG=None
TEST=cargo build passes without warnings
Change-Id: Iaae6131dabff2205f86dac2bf3a4e7ad08e66eac
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/1531093
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Jingkui Wang <jkwang@google.com>
None of instances of EventHandler::on_event actually used the fd. The
PollfdChangeHandler::remove_poll_fd callback fabricated a potentially
valid fd (0), which went undetected because nobody used it.
Additionally, using RawFds almost always requires unsafe and should be
avoided.
CQ-DEPEND=CL:1522214
BUG=chromium:831850
TEST=cargo test
Change-Id: I095edbcad317e4832b1fb29fd08d602fbde4fd5d
Reviewed-on: https://chromium-review.googlesource.com/1525135
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Jingkui Wang <jkwang@google.com>
This cleans up some feature flag plumping for libusb sandboxing as well.
BUG=chromium:831850
TEST=cargo test
CQ-DEPEND=CL:1512762
Change-Id: Ic70784db204ddced94498944b021bcb7dd708bb1
Reviewed-on: https://chromium-review.googlesource.com/1522214
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Reviewed-by: Jingkui Wang <jkwang@google.com>
Previously, the getter and setter functions generated for a bitfield
struct by #[bitfield] all operated on primitive types like bool, u8, u16
etc.
This CL adds support for getters and setters defined in terms of
user-defined enums.
We make an enum bitfield-compatible by adding #[bitfield]. The number of
variants must be a power of 2.
#[bitfield]
enum TwoBits {
Zero = 0b00,
One = 0b01,
Two = 0b10,
Three = 0b11,
}
And then it may be used to specify a field in a bitfield struct.
#[bitfield]
struct Struct {
prefix: BitField1,
two_bits: TwoBits,
suffix: BitField5,
}
The generated getters and setters for this struct would have the
following signatures:
impl Struct {
fn get_prefix(&self) -> u8;
fn set_prefix(&mut self, val: u8);
fn get_two_bits(&self) -> TwoBits;
fn set_two_bits(&mut self, val: TwoBits);
fn get_suffix(&self) -> u8;
fn set_suffix(&mut self, val: u8);
}
TEST=`cargo test` the bit_field and bit_field_derive crates
TEST=`cargo check` crosvm
Change-Id: Ibc8923e2877fda6ae8da5767731edcb68721a434
Reviewed-on: https://chromium-review.googlesource.com/1519686
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Separated out of CL:1513058 to make it possible to land parts
individually while the affected crate has no other significant CLs
pending. This avoids repeatedly introducing non-textual conflicts with
new code that adds `use` statements.
TEST=cargo check
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
Change-Id: Ief399ac868710c3a2d864f98c0ad9215e8917ed6
Reviewed-on: https://chromium-review.googlesource.com/1520067
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
And we are not selecting sandboxed libusb
BUG=chromium:831850
TEST=cargo test
Change-Id: Ie205a410575dfc1f40515dcb2607bf62e2ccd771
Reviewed-on: https://chromium-review.googlesource.com/1377620
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Device can be assigned to slot. Command ring handles usb commands,
transfer ring handles usb transfers.
CQ-DEPEND=CL:1510819
BUG=chromium:831850
TEST=cargo test
Change-Id: Ib0836ee518d1c7a3e902630c7ea04e29b9496c80
Reviewed-on: https://chromium-review.googlesource.com/1510820
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Those are bridges between xhci and backend.
CQ-DEPEND=CL:1510818
BUG=chromium:831850
TEST=cargo test
Change-Id: I04feab449d48b0c908aeebfda08d1869239cbe6f
Reviewed-on: https://chromium-review.googlesource.com/1510819
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
for ring buffer, guest kernel is producer and crosvm is consumer
CQ-DEPEND=1510817
BUG=chromium:831850
TEST=cargo test
Change-Id: Ib62d2b42de1a77ff71ca0e2a0066feacc56dddc1
Reviewed-on: https://chromium-review.googlesource.com/1510818
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
This CL adds some necessary constants and types, as well as a few
skeleton function declarations, for an IOAPIC device.
I'm sending this CL first in the interest of minimizing CL size and
making future CLs easier to review.
TEST=Built
BUG=chromium:908689
Change-Id: Ib8ae37e0092c31d7cb8073070f9592baed236323
Reviewed-on: https://chromium-review.googlesource.com/1520809
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: Miriam Zimmerman <mutexlox@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Implementing this macro by ignoring the args and expanding to nothing
makes it possible to pass invalid args like `usb_debug!("{}")`. Use `if
false` instead to ensure that the args are valid formatter args.
As part of this, fix a call to a non-existent function inside one of the
usb_debug invocations.
TEST=cargo check devices
Change-Id: Id82dad7b021060dce7b4d3b828bbd21aaa6ef410
Reviewed-on: https://chromium-review.googlesource.com/1518730
Commit-Ready: David Tolnay <dtolnay@chromium.org>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Jingkui Wang <jkwang@google.com>
The serial test won't run when parallel group fails
because of the short-circuiting effect of logical
operators.
Assuming the tool was not designed to fail the whole
test prematurely, this change ensures both test groups
executed every time.
BUG=None
TEST=build_test and observe the test cases in serial
group (io_jail and sys_util) are executed when the
parallel group fails.
Change-Id: I86e57069490c58dfed48960d87ea35c2403450b7
Signed-off-by: Jianxun Zhang <jianxun.zhang@intel.com>
Reviewed-on: https://chromium-review.googlesource.com/1488611
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Both "multiprocess" and "disable-sandbox" control the same config
and actually they have same final effects. So just remove "multiprocess"
argument and also rename "multiprocess" to "sandbox" to make it more
clear.
BUG=None
TEST=`cros_run_unit_tests --board=eve --packages=crosvm`
Change-Id: I313d110af48b43231b1426332b63868cb0218490
Reviewed-on: https://chromium-review.googlesource.com/1524375
Commit-Ready: Lepton Wu <lepton@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
There is no such syscall as fseek as far as I can tell. There is lseek,
which would be how fseek is implemented in libc, and it is already
included in the policy.
BUG=chromium:936633
TEST=parse_seccomp_policy seccomp/x86_64/tpm_device.policy
Change-Id: Ifb891395d7447d8b81cb1b17af18c49e5d5fc96f
Reviewed-on: https://chromium-review.googlesource.com/1518490
Commit-Ready: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
The regs_reg_overlap() test is a panic test but the function that it is
testing only uses debug_asserts so the test will fail if debug
assertions are disabled. Only run the test when debug assertions are
enabled.
BUG=chromium:940668
TEST=`FEATURES=test USE=-cros-debug emerge-nami crosvm`
Change-Id: Ie722cb49908ae4c4a9ecc5f248a6ec25fbcc05c9
Reviewed-on: https://chromium-review.googlesource.com/1518729
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Jeffrey Kardatzke <jkardatzke@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Separated out of CL:1513058 to make it possible to land parts
individually while the affected crate has no other significant CLs
pending. This avoids repeatedly introducing non-textual conflicts with
new code that adds `use` statements.
TEST=cargo check
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
Change-Id: I99843b923094e4df7a139f22a30eb19527d11d98
Reviewed-on: https://chromium-review.googlesource.com/1519689
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
This is an easy step toward adopting 2018 edition eventually, and will
make any future CL that sets `edition = "2018"` this much smaller.
The module system changes in Rust 2018 are described here:
https://doc.rust-lang.org/edition-guide/rust-2018/module-system/path-clarity.html
Generated by running:
cargo fix --edition --all
in each workspace, followed by bin/fmt.
TEST=cargo check
TEST=cargo check --all-features
TEST=cargo check --target aarch64-unknown-linux-gnu
Change-Id: I000ab5e69d69aa222c272fae899464bbaf65f6d8
Reviewed-on: https://chromium-review.googlesource.com/1513054
Commit-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com>
Tested-by: David Tolnay <dtolnay@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: David Tolnay <dtolnay@chromium.org>
Usb implementation will use usb_debug to log verbose debug logs. It will
be turned off by default.
BUG=chromium:831850
TEST=local build
Change-Id: Ieaa22e57e624841a5f78a6a1a1874351bbd77a86
Reviewed-on: https://chromium-review.googlesource.com/1510813
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
event_loop: event loop based on poll context.
async_job_queue: queue a job, it will be invoked on event loop. This
could be used to invoke a function without holding any locks.
BUG=chromium:831850
TEST=local build
Change-Id: Iab61ac43221bf5d635a0138073d7f88401e5ab07
Reviewed-on: https://chromium-review.googlesource.com/1509852
Commit-Ready: Jingkui Wang <jkwang@google.com>
Tested-by: Jingkui Wang <jkwang@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
