This CL adds a command-line flag to crosm that locks the entire guest
memory, per http://go/host-assisted-vm-swap.
The change relies on existing balloon device code that punches holes
within the guest memory region upon "inflate".
BUG=b:236210703
TEST=manual startup, roblox+instagram and various chrome sessions
Change-Id: I11e0e5b0b0cb6450f47124a6a8b6c4befd9de6ae
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3725731
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: David Stevens <stevensd@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Alexandre Marciano Gimenez <raging@google.com>
Auto-Submit: Alexandre Marciano Gimenez <raging@google.com>
When creating shared memory, 'name' can have one of two meanings. It
could either be a debugging tag with no semantic meaning, or it could
uniquely identify a shared memory object within some namespace. Linux
memfd uses name in the first meaning, whereas Windows (and Linux shm)
uses it in the second meaning.
Currently, crosvm has no use cases for the named shared memory of the
second type, so it is not supported. Make it clear that the SharedMemory
APIs treats name as a debugging-only name. Remove the "anon" and "named"
constructors, since they had no semantic meaning. Also require a name
when constructing a SharedMemory, since there's no reason not to provide
one to make debugging easier.
The only semantic change is setting the name of GuestMemory's underlying
shmem to "crosvm_guest", which it was until recently. This fixes some
ManaTEE tests which use the name to determine CrOS guest memory usage.
BUG=None
TEST=compiles
Change-Id: I78d5046df04d6f19640abbbc67af6bd433a177b0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3676695
Commit-Queue: David Stevens <stevensd@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Originally added on Windows. Allows us to get an aligned address from a
GuestAddress.
TEST=builds
BUG=b:213153154
Change-Id: I4bca6609f0fc2346598a52bd71f2ec60ac7f08f7
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3653425
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Noah Gold <nkgold@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
This provides at least a minimal one-line description to show what each
crate is about.
BUG=None
TEST=tools/cargo-doc
Change-Id: I26732e8c29062e622d5be09bdc120a49d564b9fd
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3630422
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
This is useful when adding temporary logs to dump it for debugging.
TEST=tools/dev_container tools/run_tests --target=vm:aarch64
Change-Id: Ia982104943b214b67472f7bdd03c9511191c35cb
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3627452
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dmitry Torokhov <dtor@chromium.org>
Auto-Submit: Andrew Walbran <qwandor@google.com>
Reviewed-by: Dmitry Torokhov <dtor@chromium.org>
Run tests for sys_util_core, poll_token_derive and balloon_control on
windows.
Using dotfiles to disable/serialize test runs of a subset of crates does
not work well with third party crates as it forces us to commit the dot
file to the crate.
The patch modifies and uses the script that runs linux tests.
This patch also allows us to
- build/test child crate even if parent crate has disabled build/test.
- avoid building crosvm if it is not explicitly specified.
RIP short lived .windows_build_test_skip. You allowed us to run noop
kokoro tests.
Test: py .\tools\impl\test_runner.py --arch x86_64
Bug: b:215610772
Change-Id: Icc6d04ffd7c0c33d4f60aeac16fc7d23881c387d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3459809
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Vikram Auradkar <auradkar@google.com>
and BasicMemoryMapper impl. This will be used for
VIRTIO_F_IOMMU_PLATFORM support in virtio-iommu.
BUG=b:215307964
TEST=cargo test/block device with VIRTIO_F_ACCESS_PLATFORM
with crrev.com/c/3347309 (to be submitted)
Change-Id: Iadd964556edf5b95aa00b542b4bde5a997756090
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3334331
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: David Stevens <stevensd@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Woody Chow <woodychow@google.com>
The patch also adds files to skip building and testing crates on
windows. When we run
```
tools/windows/build_test.py --skip_file_name .windows_build_test_skip
```
the build/test succeeds without actually doing anything as build/test
for all crates is skipped by creating '.windows_build_test_skip'.
Bug: 213170957
Test: Ran script on downstream repo
Change-Id: Iebd2cea463ee722be4feaed88229e1fb5e9fd6c5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3417918
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Vikram Auradkar <auradkar@google.com>
This reverts commit b975546c3f.
Reason for revert: mlock is insufficient to prevent migration/compacting of guest memory, and therefore pKVM has been modified to perform pinning in the kernel, making the mlock call superfluous.
Original change's description:
> vm-memory: mlock2(MLOCK_ONFAULT) guest memory for protected VMs
>
> By default, the memory of a protected VM is inaccessible to the host
> and crosvm. Consequently, attempts to access guest memory are fatal and
> must be avoided in order for the guest to run.
>
> Mlock guest pages as they are faulted in for protected VMs, ensuring
> that the host doesn't try to age or swap them out as a result of memory
> pressure.
>
> Bug: b:204298056
> Test: cargo test on x86 and arm64
> Cc: Quentin Perret <qperret@google.com>
> Cc: Andrew Walbran <qwandor@google.com>
> Signed-off-by: Will Deacon <willdeacon@google.com>
> Change-Id: I618ec1e8b1136a47a8b3ef563e45bc41d75ab517
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3257689
> Tested-by: kokoro <noreply+kokoro@google.com>
> Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Bug: b:204298056
Change-Id: Ibdcc579805c47adf35412b732829c074ce038471
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3310884
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Quentin Perret <qperret@google.com>
Auto-Submit: Quentin Perret <qperret@google.com>
Reviewed-by: Will Deacon <willdeacon@google.com>
Reviewed-by: Andrew Walbran <qwandor@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
In addition to SharedMemory, we allow File (e.g. mmap'd file) to be an
backing object of MemoryRegion.
BUG=b:194137301
TEST=kokoro
Change-Id: I9dafd028eaf74cf34820ba3f16e458c08ec67cb8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3159883
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
As before, some are automatically fixed by clippy, some manually
fixed.
BUG=b:192373803
TEST=./tools/presubmit
Change-Id: Ifcab4cf60775ee6bb7d4530af6406a74958432ed
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3283683
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
By default, the memory of a protected VM is inaccessible to the host
and crosvm. Consequently, attempts to access guest memory are fatal and
must be avoided in order for the guest to run.
Mlock guest pages as they are faulted in for protected VMs, ensuring
that the host doesn't try to age or swap them out as a result of memory
pressure.
Bug: b:204298056
Test: cargo test on x86 and arm64
Cc: Quentin Perret <qperret@google.com>
Cc: Andrew Walbran <qwandor@google.com>
Signed-off-by: Will Deacon <willdeacon@google.com>
Change-Id: I618ec1e8b1136a47a8b3ef563e45bc41d75ab517
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3257689
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
This change contains the results of running
./tools/contib/cargo_refactor.py
This will break the next uprev, and needs to be synchronizized
with the corresponding ebuild changes in https://crrev.com/c/3248925
BUG=b:195126527
TEST=./tools/run_tests
Change-Id: Ied15a1841887bb8f59fba65b912b81acf69beb73
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3248129
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
If we need descriptor for things that aren't file or other shared_memory objects, we can create a separate descriptor change, but it shouldn't be the default.
This reverts commit 533c5c8258.
Reason for revert: this causes conflicts with other platforms.
Original change's description:
> vm_memory: Add from_desciptor() in MemoryMappingBuilder
>
> MemoryMappingBuilder had `from_file()` and `from_shared_memory`, which
> are almost the same. So, this commit adds `from_descriptor()` to replace
> both of the two.
>
> BUG=b:194137301
> TEST=build
>
> Change-Id: Ia13f5e8e0f95a5c32e47dc9b3be13b7a7fa510bf
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3159881
> Tested-by: kokoro <noreply+kokoro@google.com>
> Commit-Queue: Keiichi Watanabe <keiichiw@chromium.org>
> Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Bug: b:194137301
Change-Id: Ie203ee3eb3dcddd41c5e55b6980dc6292eb24f85
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3183183
Auto-Submit: Udam Saini <udam@google.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Udam Saini <udam@google.com>
Reviewed-by: Noah Gold <nkgold@google.com>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
MemoryMappingBuilder had `from_file()` and `from_shared_memory`, which
are almost the same. So, this commit adds `from_descriptor()` to replace
both of the two.
BUG=b:194137301
TEST=build
Change-Id: Ia13f5e8e0f95a5c32e47dc9b3be13b7a7fa510bf
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3159881
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
This new API converts a GuestAddress to a host pointer and verify that
the provided size define a valid range within a single memory region.
BUG=b:181736020
TEST=cargo test and bin/clippy
Change-Id: Ie9f6c674a2b414837dae5c4e496bdc32ed606e73
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2757274
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: David Stevens <stevensd@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
This error hasn't been used for a while and now generates an unused
warning.
Change-Id: Ica4a26332966e12dff29f01c0e110c6a1262b23c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2947798
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Add `vhost_user_devices` crate which will be used to create a vhost-user
device executables.
BUG=b:185089400
TEST=cargo test in /vhost_user_devices
Change-Id: I7256d68316f7763d3ceaa65abc97663975e7608f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2822169
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Noah Gold <nkgold@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Keiichi Watanabe <keiichiw@chromium.org>
The syscall_defines crate is redundant with an up to date libc. This
change removes any dependency on syscall_defines. A new libc is required
to bring in some new syscall numbers like the ones for io_uring.
TEST=./test_all
BUG=None
Cq-Depend: chromium:2832000
Change-Id: I6df7fb992bacb5efd54cefca08836d52f4bfcd8c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2832001
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Allen Webb <allenwebb@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
set_memory_policy() method accepts MemoryPolicy bitmask - a
set of hints what kind of memory advices GuestMemory can
provide to the kernel. For the time being we support only
one advice - MADV_HUGEPAGE.
BUG=b:174206107
TEST=arc.Boot.vm on hatch-arc-r
Signed-off-by: Sergey Senozhatsky <senozhatsky@chromium.org>
Change-Id: Ibc3e4a2bb2ac7059de80dfba45e1cee3af4c3bcc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2812546
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
This CL addresses some minor issues with the existing interface:
1. from_descriptor is too generic for some platforms that require
special handling for file/File backed mappings.
2. Nearly all call sites pass either File or SharedMemory. Now
we just have from_ methods for those types to preserve type
information.
3. Other platforms require additional fields in MemoryMapping, so a
tuple struct no longer makes sense.
4. The mmap syscall error message was misleading as we use it for more
than just the mmap syscall.
BUG=None
TEST=builds
Change-Id: I74c41bad52bb81880a11231cd18f47e233548a24
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2815614
Reviewed-by: Udam Saini <udam@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Noah Gold <nkgold@google.com>
With multiple regions potentially backing a single `GuestMemory`
instance, `AsRef` doesn't make sense any more. Switch the one user to
`shm_region` which returns the region for a given address.
The `AsRef` implementation was accidentally left in the change to allow
multiple regions in guest memory.
Change-Id: I1246de004315a44f1f9d58995d837f3fbecb5d6c
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2808745
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Chih-Yang Hsia <paulhsia@chromium.org>
Allowing each region to have a separate backing FD will make it possible
to build GuestMemory from the vhost `SET_MEM_TABLE` message that
transmits the memory regions for virtio queues in vhost-user devices.
Change-Id: I6f9bc6136915da9d873ea896823e3b8f426ca69d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2795282
Reviewed-by: Gurchetan Singh <gurchetansingh@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Useful for the udmabuf use case. The current offset used
by the callback is relative to the mapping, not the absolute
memfd offset.
BUG=chromium:892806, b:173630595
TEST=cargo test -p vm_memory
Change-Id: I57d02d016888a2d974f1f9e359375cb0941dc949
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2786289
Tested-by: kokoro <noreply+kokoro@google.com>
Tested-by: Gurchetan Singh <gurchetansingh@chromium.org>
Commit-Queue: Gurchetan Singh <gurchetansingh@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
This CL replaces BorrowedIoVec with VolatileSlice, since VolatileSlice
is a superset of the BorrowedIoVec interface. Also uring_mem -> mem
since that interface will not be exclusively used by uring.
BUG=none
TEST=builds
Change-Id: I33e23483e7afc263c76d71f88736cf38fd5e520e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2724863
Reviewed-by: Dylan Reid <dgreid@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Noah Gold <nkgold@google.com>
These are causing the clippy pre-upload hook to fail for me.
BUG=none
TEST=bin/clippy
Change-Id: Ifa5b6b008ca1e930ba203034234ce3da56830b11
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2574584
Auto-Submit: Chirantan Ekbote <chirantan@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Along with this rename comes updating all usages to the
appropriate RawDescriptor traits. As per usual it touches
many files, but makes no significant changes.
The only remaining instance of "keep_fds" is to call out to
3p lib adhd.
BUG=b:162363783
TEST=./build_test
Change-Id: I6d292cc6404a9f84ffa5bf1320b6545a28842afa
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2488071
Commit-Queue: Michael Hoyle <mikehoyle@google.com>
Tested-by: Michael Hoyle <mikehoyle@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
New option, --size-only, speeds up using build_test for getting release
binary size by skipping everything else. The lto flag is also added for
release builds to get a more realistic comparison.
The list of crates to test is built up automatically instead of
hard coded. To modify what gets included, empty .build_test_* files are
checked for existance. This is better than hard coding the list of
packages because it was frequently out of date.
For certain crate tests, a dynamic library that only exists in a sysroot
is required. This change includes a fix that adds the sysroot's lib
directory to the LD_LIBRARY_PATH env variable, similar to how
PKG_CONFIG_LIBDIR is modified.
TEST=build_test
BUG=None
Change-Id: I626cbcccf40035a0d29001cef7989a091848e4c9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2444273
Tested-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Auto-Submit: Zach Reizner <zachr@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Zach Reizner <zachr@chromium.org>
This is very largely boilerplate, but changes some interfaces
to accept different parameters, esp using Descriptor.
BUG=b:162363783
TEST=./build_test
Change-Id: I81b513c0de9448c2de505fe5d3a61a29f4eccb78
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2342591
Reviewed-by: Zach Reizner <zachr@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Michael Hoyle <mikehoyle@google.com>
For now, this crate simply re-exports all of sys_util, but it will
be updated to provide new interfaces when needed. This is the
first step to making crosvm not directly depend on sys_util, so
that we can make the interface changes we need without fear of
negatively affecting (i.e. completely breaking) other usages
within chromeos.
BUG=b:162363783
TEST=./build_test
Change-Id: I7d0aa3d8a1f66af1c7fee8fd649723ef17027150
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2325168
Tested-by: Michael Hoyle <mikehoyle@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Michael Hoyle <mikehoyle@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
Implementing `BackingMemory` signals that `GuestMemory` regions can be
used in uring transactions where the lifetime in which the kernel can
modify the memory is not well defined.
Change-Id: I3541fff4c5dac226062a94483672f570e7adeb18
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2275725
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Tested-by: Dylan Reid <dgreid@chromium.org>
Move GuestAddress and GuestMemory to a new crate for VM memory. This
will make separating sys_util and crosvm independent making it easier
to use sys_util functions outside of crosvm.
Change-Id: I12e14948ea85754dfa6267b3a3fb32b77ef6796e
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/2311251
Auto-Submit: Dylan Reid <dgreid@chromium.org>
Commit-Queue: Dylan Reid <dgreid@chromium.org>
Tested-by: Dylan Reid <dgreid@chromium.org>
Reviewed-by: Zach Reizner <zachr@chromium.org>
