Commit graph

10 commits

Author SHA1 Message Date
Daniel Verkamp
b90e4dd166 devices: virtio: remove Clone from Queue
Replace the automatically derived Clone implementation with an
activate() function. For now, this just manually performs the same
action as the derived clone(), but it prevents accidental cloning of
queues, and it gives us a place to put additional checks that need to
occur at the point where a queue is enabled.

BUG=b:201119859
TEST=tools/presubmit --all

Change-Id: Ie72c0c7c90d819ec7ce586eca0b69d58f546b390
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4094294
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
2023-01-19 18:52:10 +00:00
Dennis Kempin
a6e7d6f139 Enable compilation of fuzzing targets
Adds a fall-back to cros_fuzz when compiled without
fuzzing enabled that will just produce a main fn entrypoint
with the fuzzing code.
This allows the fuzzing code to be compiled, but won't produce
functional fuzzing binaries.

BUG=b:265829867
FIXES=b:244631591
TEST=crosvm CQ
cargo +nightly fuzz run --fuzz-dir crosvm-fuzz --features upstream-fuzz crosvm_block_fuzzer

Change-Id: Ib2602aab5c5373cb2a71dca0d8419640a00c6725
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4167143
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Zihan Chen <zihanchen@google.com>
2023-01-17 23:18:22 +00:00
Daniel Verkamp
7afebecdb9 devices: virtio: queue: move queue validation to set_ready()
The Queue::validate() function verified that the descriptor, avail, and
used rings fall within valid guest memory regions. However, this check
was skipped when an IOMMU was enabled, so the Queue::peek() function had
to be robust against out-of-bounds memory addresses already.

Move the integer overflow checks of ring guest addresses into the
`Queue::set_ready()` function, which is called when the driver enables
each queue (and must have already configured the queue addresses). This
allows the checks to be performed once at queue enable time instead of
every time `peek()`/`pop()` is called.

The `GuestMemory::address_in_range()` checks are removed. These are not
necessary to ensure correctness, as all read/write accesses in Queue
functions that operate on guest memory already use helper functions that
ensure out-of-bounds memory accesses are rejected (read_obj_from_addr()
and write_obj_at_addr() via the wrapper functions that handle IOMMU).

BUG=None
TEST=Boot x86-64 Linux in crosvm

Change-Id: I51cca6554c4c5f134082e9326bcf59499f201c1c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4045044
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
2022-12-07 20:58:20 +00:00
Daniel Verkamp
f29a992754 tree-wide: apply cargo fmt --nightly
Fix a few recently introduced formatting mismatches.

Change-Id: I1617683532d3cc45f67ec15408fbd4ec4c9d6bb2
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3928132
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Auto-Submit: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Dennis Kempin <denniskempin@google.com>
2022-10-03 21:39:26 +00:00
Zihan Chen
646b6ea8fa crosvm-fuzz: Migrate crosvm-fuzz to cargo fuzz
Fuzzer targets can be run with
cargo +nightly fuzz run --fuzz-dir crosvm-fuzz --features
upstream-fuzz <target>

This should enable us to move fuzzing to anywhere including
ClusterFuzz while maintaining compatibility with cros infra.

TEST=`cargo fuzz` won't crash in first 30s,
`USE="asan fuzzer" emerge-hatch crosvm` builds,
`/build/hatch/usr/libexec/fuzzers/crosvm_qcow_fuzzer` won't
crash in first 30s
FIXED=b:245007212
BUG=b:244631591

Change-Id: I4b262ee1a6a90247dea96347c55a3849af793bec
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3905095
Auto-Submit: Zihan Chen <zihanchen@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Dennis Kempin <denniskempin@google.com>
2022-10-03 16:12:15 +00:00
Dennis Kempin
1dab58a2cf Update all copyright headers to match new style
This search/replace updates all copyright notices to drop the
"All rights reserved", Use "ChromiumOS" instead of "Chromium OS"
and drops the trailing dots.

This fulfills the request from legal and unifies our notices.

./tools/health-check has been updated to only accept this style.

BUG=b:246579983
TEST=./tools/health-check

Change-Id: I87a80701dc651f1baf4820e5cc42469d7c5f5bf7
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3894243
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
2022-09-13 18:41:29 +00:00
Dennis Kempin
4fea399df9 Reformat imports
crosvm is switching the import style to use one import per line.
While more verbose, this will greatly reduce the occurrence of merge
conflicts going forward.

Note: This is using a nightly feature of rustfmt. So it's a one-off
re-format only. We are considering adding a nightly toolchain to
enable the feature permanently.

BUG=b:239937122
TEST=CQ

Change-Id: Id2dd4dbdc0adfc4f8f3dd1d09da1daafa2a39992
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3784345
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
2022-07-28 00:15:50 +00:00
David Stevens
9df3eb7ef2 devices: virtio: disallow modification of ready queues
Disallow modification of a queue's configuration after it has been
enabled, since the spec states drivers MUST configure the other
virtqueue fields before enabling the virtqueue. This allows the
queue validation to be done once and then saved, instead of requiring
validation for every peek.

Before this change, modifications of running virtqueues were not well
defined, since the Queue instance owned by the VirtioPciDevice is not
the same as the Queue instance owned by the VirtioDevice implementation.

BUG=None
TEST=boot ARCVM and crostini on ManaTEE and non-ManaTEE

Change-Id: Ibd1f2bdb0a49865cedd8a0424199a72316696b4d
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3737409
Commit-Queue: David Stevens <stevensd@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2022-07-01 06:03:56 +00:00
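The two queue commits above (7afebecdb9 and 9df3eb7ef2) describe one pattern: validate the ring addresses once, at the point where the driver enables the queue, and refuse configuration changes after that. The following is an added Rust example of that pattern, not crosvm's own code. The GuestMemory stand-in, the error names, the setter names and the alignment check are this example's own assumptions; the ring lengths follow the virtio 1.x split-ring layout, and the in-guest-memory check is kept here for illustration even though 7afebecdb9 drops it in favour of bounds-checked accessors.

```rust
// Added example, not crosvm's own code: a minimal virtqueue configuration
// model in the style of the queue commits above. Ring addresses are checked
// once in set_ready(), and every setter is refused once the queue is ready.
// GuestMemory is a constructed single-region stand-in; error names are ours.

#[derive(Debug, PartialEq, Eq)]
pub enum QueueError {
    /// A field was changed after enable; virtio 1.x requires configuration first.
    AlreadyReady,
    InvalidSize(u16),
    Misaligned(&'static str),
    AddressOverflow(&'static str),
    OutOfGuestMemory(&'static str),
}
type QResult = Result<(), QueueError>;

/// Hypothetical stand-in for a guest memory map: one region at address 0.
pub struct GuestMemory {
    pub size: u64,
}

impl GuestMemory {
    /// True when [addr, addr + len) lies entirely within the region.
    pub fn range_in_bounds(&self, addr: u64, len: u64) -> bool {
        addr.checked_add(len).map_or(false, |end| end <= self.size)
    }
}

#[derive(Debug, Default)]
pub struct Queue {
    max_size: u16,
    size: u16,
    desc_table: u64,
    avail_ring: u64,
    used_ring: u64,
    ready: bool,
}

impl Queue {
    pub fn new(max_size: u16) -> Self {
        Queue { max_size, size: max_size, ..Default::default() }
    }

    /// Apply a configuration change only while the queue is not yet enabled.
    fn update(&mut self, f: impl FnOnce(&mut Self)) -> QResult {
        if self.ready {
            return Err(QueueError::AlreadyReady);
        }
        f(self);
        Ok(())
    }

    pub fn set_size(&mut self, size: u16) -> QResult { self.update(|q| q.size = size) }
    pub fn set_desc_table(&mut self, a: u64) -> QResult { self.update(|q| q.desc_table = a) }
    pub fn set_avail_ring(&mut self, a: u64) -> QResult { self.update(|q| q.avail_ring = a) }
    pub fn set_used_ring(&mut self, a: u64) -> QResult { self.update(|q| q.used_ring = a) }

    /// Enable the queue. Validation happens here once instead of on every
    /// peek()/pop(): size must be a non-zero power of two up to max_size, and
    /// each ring (virtio 1.x split layout: 16-byte descriptors, 6 + 2n bytes
    /// avail, 6 + 8n bytes used) must be aligned, must not wrap the 64-bit
    /// address space, and must lie inside guest memory.
    pub fn set_ready(&mut self, mem: &GuestMemory) -> QResult {
        if self.ready {
            return Err(QueueError::AlreadyReady);
        }
        if self.size == 0 || self.size > self.max_size || !self.size.is_power_of_two() {
            return Err(QueueError::InvalidSize(self.size));
        }
        let n = u64::from(self.size);
        let rings = [
            ("desc_table", self.desc_table, 16 * n, 16),
            ("avail_ring", self.avail_ring, 6 + 2 * n, 2),
            ("used_ring", self.used_ring, 6 + 8 * n, 4),
        ];
        for (name, addr, len, align) in rings {
            if addr % align != 0 {
                return Err(QueueError::Misaligned(name));
            }
            // Overflow check: a ring near u64::MAX would otherwise wrap to a
            // low address and slip past a naive `end <= size` comparison.
            if addr.checked_add(len).is_none() {
                return Err(QueueError::AddressOverflow(name));
            }
            if !mem.range_in_bounds(addr, len) {
                return Err(QueueError::OutOfGuestMemory(name));
            }
        }
        self.ready = true;
        Ok(())
    }
}

fn main() {
    // Constructed 1 MiB guest and a 16-entry queue with well-formed rings.
    let mem = GuestMemory { size: 1 << 20 };
    let mut q = Queue::new(256);
    q.set_size(16).unwrap();
    q.set_desc_table(0x1000).unwrap();
    q.set_avail_ring(0x2000).unwrap();
    q.set_used_ring(0x3000).unwrap();
    println!("set_ready: {:?}", q.set_ready(&mem));
    println!("set_size after ready: {:?}", q.set_size(8));
}
```

Run as a binary, this enables a well-formed 16-entry queue and then shows a later set_size() being refused. The overflow branch is the case a guest-controlled ring address near the top of the address space would hit; the size check is what stops a driver from advertising more entries than the device offered.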
Daniel Verkamp
cdf33f9660 cros-fuzz: upgrade to rand_core 0.6
This is the version used by rand 0.8.x (and the latest available version
as of this writing), so this allows us to upgrade crosvm-fuzz to rand
0.8 as well.

BUG=b:236978141
TEST=tools/dev_container tools/run_tests --target=host
TEST=USE='asan fuzzer' emerge-amd64-generic crosvm

Change-Id: I297f6c17114b2b8e8f12d5dd9d35b071b91d6780
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3722780
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
2022-06-30 23:22:39 +00:00
Dennis Kempin
8a1c50d5cd Refactoring: Move various general purpose crates to common/
This change contains the results of running

./tools/contib/cargo_refactor.py

This will break the next uprev, and needs to be synchronized
with the corresponding ebuild changes in https://crrev.com/c/3248925

BUG=b:195126527
TEST=./tools/run_tests

Change-Id: Ied15a1841887bb8f59fba65b912b81acf69beb73
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3248129
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
2021-10-29 22:31:43 +00:00
Renamed from fuzz/virtqueue_fuzzer.rs