The buffers used by DPAPI calls will often contain cryptographic key
material. This CL securely zeroes them on drop.
Note: Windows does provide a platform intrinsic to securely zero memory
(SecureZeroMemory), but it is provided as a macro, which is exceedingly
painful to use from Rust. Zeroize used to call SecureZeroMemory under
the hood in versions of the crate, but it no longer does. Likely
because it's a pain.
BUG=b:286345300
TEST=unit tests
Change-Id: Ifabeecb47563828616f278ff1c28266f4014e753
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5333894
Commit-Queue: Noah Gold <nkgold@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Judson Powers <judsonp@google.com>
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Hide winapi crate behind 'cfg(windows)' in Cargo.toml.
This CL is for ChromeOS build.
This commit is unneeded on non-ChromeOS environment because winapi has
'#![cfg(windows)]' in its body so it can be built as empty crate even
on non-windows environments.
However, in ChromeOS build system, winapi crate is replaced with an
empty crate that cannot be built on Linux [1].
[1]: http://cs/h/chromium/chromiumos/codesearch/+/main:src/third_party/rust_crates/vendor/winapi-0.3.9/src/lib.rs?l=1
BUG=none
TEST=cros_run_unit_tests --board octopus --packages crosvm on cros_skd
Change-Id: I6174b4f777b9ad5d94544e4ea9cbfd2e65f48089
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5321370
Auto-Submit: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Nigthly is enabled as part of https://crrev.com/c/4950268
This change contains the formatting changes resulting from the switch.
BUG=b:302055317
TEST=dev_container presubmit format --no-delta
Change-Id: Idaf2b8bae2e09c624b19d9cd3dd5fc8e4d099b3c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5067088
Reviewed-by: Zihan Chen <zihanchen@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
These helper functions for getting system information are only used to
implement the equivalent base functions, so move the implementation into
base itself.
This also cleans up the initialization of the cached system information
so that it is contained in a single once_cell::sync::Lazy. The relevant
data is retrieved once and stored in an internal struct SystemInfo to
avoid problems with storing SYSTEM_INFO itself (the Win32 structure
contains pointers, so it is not Sync and can't be stored directly in a
sync::Lazy).
BUG=b:263815124
TEST=tools/run_tests --platform=mingw64
Change-Id: I94d029ef165764f976fd34d846fab60b8754cfb1
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4126566
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
This seems to only generate bindings for ImmDisableIME(), which is
unused in upstream crosvm and also seems to be available without running
a build step now.
BUG=b:277957421
TEST=tools/dev_container tools/presubmit
Change-Id: Ic5a996eb9d8c7d7c65e2138fe92e8ea335cac76f
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4477411
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Noah Gold <nkgold@google.com>
This version is already used downstream, and upgrading means we only
have one version of the windows crate to maintain in crosvm downstreams.
BUG=none
TEST=builds
Change-Id: Ic823b0d07eaf75dac941bd32e23a4a5bfd52d088
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4416223
Reviewed-by: Vikram Auradkar <auradkar@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
In the future we'll be using read/write wrappers in multiple places,
but the wrapping code currently lives in the named pipe implementation.
This CL pulls it out to its own module. It also brings in some other
code in win_util that wasn't upstreamed.
BUG=b:272614458
TEST=presubmit
Change-Id: I6871f3db6991336f42706652b69935755bf2fbc3
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4326942
Commit-Queue: Noah Gold <nkgold@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Adds more tokens to the supported token queries. Also refactors the
ProcessToken type to instead be a general Token type, which can also
provide support for thread tokens.
Bug: b/242355890
Test: downstream
Change-Id: Ib1fd574abb3bc46203ef8f03e991efcc22561dc5
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4294675
Reviewed-by: Noah Gold <nkgold@google.com>
Commit-Queue: Idan Raiter <idanr@google.com>
Downstream we've added the SPU + Broker process types, this should be
reflected here to avoid numbers going out of sync.
Also adds sound type.
BUG=b:269313507
TEST=presubmit
Change-Id: I5e3e269c9aca7bc9504e3e822302bcccf3bf377f
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4246713
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Commit-Queue: Idan Raiter <idanr@google.com>
- Rust toolchain is updated to 1.65.0
- Catapult dashboard upload tool is added to dev_container
- Bindgen is updated to latest version to support custom derive
- Derive Eq when PartialEq is derived as required by new Clippy
TEST=CQ, bindgen-all-the-things
FIXED=b:260784028
BUG=b:257303497
Change-Id: I2034cd09e0aed84d4e9b30f2e85d84d94a442ea4
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4228427
Auto-Submit: Zihan Chen <zihanchen@google.com>
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Zihan Chen <zihanchen@google.com>
These should be written as ChromeOS and ChromiumOS (without the space)
to match the updated branding. The copyright headers were already
migrated to the new style (https://crrev.com/c/3894243), but there were
some more instances left over.
BUG=None
TEST=tools/cargo-doc
Change-Id: I8c76aea2eb33b2e370ab71ee9b5cc0a4cfd00585
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4129934
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
The DLL notification tests were flaky because we were trying to test an
operation that is somewhat asynchronous from the actions of the test
itself. We would see failures at a pretty low rate because the DLL we
were trying to observe unloads for would not necessarily unload
immediately, or within a short timeout of when we would expect it to
unload.
This was exacerbated by the test using the same DLL for the load and
unload portions of the test. This would add another layer of
nondeterminism about what the state of the test runner process was which
we were trying to deterministically observe.
We can fix this by doing two things:
1. Introduce some synchronization to allow us to wrangle the
asynchronous nature of the test.
2. Use different DLLs for the load and unload tests.
By implementing these changes, the flakiness doesn't appear anymore
after running the test a few thousand times.
BUG: b:229288169
TEST: cargo test --package win_util --lib -- dll_notification
Change-Id: Id6aa216ed91bd9e13523118bcee1b352d511a883
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4062048
Reviewed-by: Noah Gold <nkgold@google.com>
Commit-Queue: Richard Otap <rotap@google.com>
Brings up the Windows vhost-user GPU, when there is a vhost-user flag.
Otherwise, uses the original worker in the main process.
- Creates backend and VMM configs in broker.
- Always passes the VMM config to the main process.
- Passes backend config either to main or the vhost-user process.
- Create exit read / write event pair in broker, so GPU can request it
from its process (on Windows, when we close the rendering window).
BUG=b:243061269
TEST=downstream / presubmit
Change-Id: I373e59e936bc21580e7962942742750444807093
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3968458
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Idan Raiter <idanr@google.com>
Reviewed-by: Noah Gold <nkgold@google.com>
This is to keep consistency with Windows downstream code.
The conversion from ProcessType to EmulatorProcessType is moved to
the metrics crate as it is only used for generating metrics.
BUG=b:213146388
TEST=presubmit
Change-Id: Ia62f76835a1f162dd8bbc9e53fd671968c368473
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3908370
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Pujun Lun <lunpujun@google.com>
This search/replace updates all copyright notices to drop the
"All rights reserved", Use "ChromiumOS" instead of "Chromium OS"
and drops the trailing dots.
This fulfills the request from legal and unifies our notices.
./tools/health-check has been updated to only accept this style.
BUG=b:246579983
TEST=./tools/health-check
Change-Id: I87a80701dc651f1baf4820e5cc42469d7c5f5bf7
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3894243
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
crosvm is switching the import style to use one import per line.
While more verbose, this will greatly reduce the occurence of merge
conflicts going forward.
Note: This is using a nightly feature of rustfmt. So it's a one-off
re-format only. We are considering adding a nightly toolchain to
enable the feature permanently.
BUG=b:239937122
TEST=CQ
Change-Id: Id2dd4dbdc0adfc4f8f3dd1d09da1daafa2a39992
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3784345
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
We depend on both lazy_static and once_cell, which do basically the same
thing.
The once_cell crate has a few advantages:
- once_cell is on track to be included into libstd.
(https://github.com/rust-lang/rust/issues/74465)
- once_cell doesn't require macro magic.
Replace the uses of lazy_static with their once_cell equivalents so we
don't need to pull in both crates.
BUG=b:236191006
TEST=tools/presubmit --all
TEST=tools/run_tests --target=host --arch=win64 --build-only
TEST=cargo test --features=plugin
Change-Id: I7cabcd837ef4878e8e8ae635bb4f235a58e4cae3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3707624
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Noah Gold <nkgold@google.com>
These are the only two places still using edition = 2018.
BUG=None
TEST=tools/fmt --check
Change-Id: I32577672d768db51ded66831089f135ffa77ea41
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3680641
Reviewed-by: Anton Romanov <romanton@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>