Tooling has changed and the book was outdated.
BUG=None
TEST=presubmit
Change-Id: Ieb15dacbc234549411ab9351bb53a4ee9b25b035
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4278705
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Frederick Mayle <fmayle@google.com>
Original commit message:
> docs: book: fix memory layout source links and line numbers
>
> The crosvm-upstream repository in the ChromiumOS git host was removed,
> so use crosvm instead.
>
> BUG=None
> TEST=mdbook build # and click through links
This reverts commit 935ad063c6.
BUG=None
TEST=mdbook build
Change-Id: Ifc1e308f6a23148ea4aa3fbd49c64e87c8a732e5
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4277063
Reviewed-by: Shin Kawamura <kawasin@google.com>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
The issue that caused the revert has been fixed by commit 64065f6b213a
("cros_fdt: remove max_size from FdtWriter::finish()"). The FDT was
padded to a size larger than the available setup_data space on x86-64,
which caused startup to fail any time the --android-fstab option was
used.
Original commit message:
> This moves the setup_data out of the way of the bzImage decompression
> stub, so it won't get overwritten.
>
> Fixes a regression with some kernel configurations introduced in commit
> 5bedfa3408 ("x86_64: add SETUP_RNG_SEED setup_data entry"), which
> unconditionally adds a setup_data entry.
>
> BUG=b:268397895
> TEST=boot x86-64 bzImage in crosvm that previously failed
> TEST=cargo test -p x86_64
This reverts commit a0d14ce819.
BUG=b:268397895
TEST=Start ARCVM on x86-64
TEST=Start Crostini on arm
Change-Id: I41f14578673ea00d1453841dd7cb2438a0a13355
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4277062
Reviewed-by: Shin Kawamura <kawasin@google.com>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
This reverts commit e5aec1e53d.
Reason for revert: The android fstab which is capped limited up to `X86_64_FDT_MAX_SIZE` exceeds the `SETUP_DATA_END` at least on an octopus DUT.
Original change's description:
> x86_64: place setup_data immediately after cmdline
>
> This moves the setup_data out of the way of the bzImage decompression
> stub, so it won't get overwritten.
>
> Fixes a regression with some kernel configurations introduced in commit
> 5bedfa3408 ("x86_64: add SETUP_RNG_SEED setup_data entry"), which
> unconditionally adds a setup_data entry.
>
> BUG=b:268397895
> TEST=boot x86-64 bzImage in crosvm that previously failed
> TEST=cargo test -p x86_64
>
> Change-Id: Ie5efc19d607aad16c1ca80bcdd2fb62933dd73e1
> Fixes: 5bedfa3408 ("x86_64: add SETUP_RNG_SEED setup_data entry")
> Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4233967
> Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
> Reviewed-by: Dmitrii Osipenko <dmitry.osipenko@collabora.corp-partner.google.com>
> Reviewed-by: Zihan Chen <zihanchen@google.com>
Bug: b:268397895
Change-Id: Ie430caa38b745cb1d5e69ac644a2c76813069221
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4272810
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Keiichi Watanabe <keiichiw@chromium.org>
The crosvm-upstream repository in the ChromiumOS git host was removed,
so use crosvm instead.
BUG=None
TEST=mdbook build # and click through links
Change-Id: Ib35d930505c1a3381ce4f4fc53f54d626c810d1e
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4233968
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Zihan Chen <zihanchen@google.com>
This moves the setup_data out of the way of the bzImage decompression
stub, so it won't get overwritten.
Fixes a regression with some kernel configurations introduced in commit
5bedfa3408 ("x86_64: add SETUP_RNG_SEED setup_data entry"), which
unconditionally adds a setup_data entry.
BUG=b:268397895
TEST=boot x86-64 bzImage in crosvm that previously failed
TEST=cargo test -p x86_64
Change-Id: Ie5efc19d607aad16c1ca80bcdd2fb62933dd73e1
Fixes: 5bedfa3408 ("x86_64: add SETUP_RNG_SEED setup_data entry")
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4233967
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Dmitrii Osipenko <dmitry.osipenko@collabora.corp-partner.google.com>
Reviewed-by: Zihan Chen <zihanchen@google.com>
This is the limit used by Linux kernels since the 2.6 era, as reported
in the bzImage header as well as the COMMAND_LINE_SIZE definition in
setup.h.
The previous allocation of almost 2 MB was excessive and would have
also overlapped the memory region used for ACPI tables had a long
enough command line been provided.
We will use the area freed up by this change for the setup_data in the
next change.
BUG=b:268397895
TEST=boot x86-64 bzImage in crosvm
Change-Id: I3b5a3771549c3352e609a9685f591be38ae9fa63
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4233966
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Zihan Chen <zihanchen@google.com>
Adds a new hypervisor capability that causes crosvm to statically
allocate the location of the swiotlb buffer.
This will be used by the gunyah hypervisor.
BUG=b:244630071,b:232360323
Change-Id: Ia2f379bb6f2fa89167ddc73d65ec1b8c5494bdf6
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4197001
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Vikram Auradkar <auradkar@google.com>
Commit-Queue: Frederick Mayle <fmayle@google.com>
cross-compilation requires additional configuration that depends
heavily on the host platform. Unfortunately cargo cannot be
configured on a per host platform basis so this has to be done
manually.
Most developers are just using native compilation (and using
the containers for everything else). So we can slim our
install-deps scripts a bit.
To verify the updated install scripts, this change includes
containers to simulate a fresh developer workstation that
can be used to verify out of the box workflows.
BUG=b:262829206
BUG=b:265995780
BUG=b:265842137
TEST=tools/contrib/minimal_container/test-all.sh and CQ
Change-Id: I0e803d0224306e5351728e2c80fcbcd8260d029d
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4179290
Reviewed-by: Zihan Chen <zihanchen@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
The guide is WIP and doesn't contain instructions to test and run
crosvm on windows.
BUG=b:264555939
TEST=none
Change-Id: Iedc9099ec458757c4cc92be536dc64ec4e6e4929
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4149728
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Vikram Auradkar <auradkar@google.com>
Update the vhost-user docs to recommend the new and improved
`crosvm devices` subcommand rather than `crosvm device`.
BUG=None
TEST=run the commands
Change-Id: I3ed5d2408cb217116603033eeb551df515eaf8ef
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4160471
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
The features.md file in the book duplicates the feature descriptions
originating in Cargo.toml and generated in the cargo doc output by
document-features. Remove the (outdated) features.md descriptions and
replace the content with a link to the cargo doc feature list.
BUG=None
TEST=tools/cargo-doc
TEST=cd docs/book; mdbook build
Change-Id: I54f1873e2396363e7703dd0209589443ae8fb984
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4133829
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
These should be written as ChromeOS and ChromiumOS (without the space)
to match the updated branding. The copyright headers were already
migrated to the new style (https://crrev.com/c/3894243), but there were
some more instances left over.
BUG=None
TEST=tools/cargo-doc
Change-Id: I8c76aea2eb33b2e370ab71ee9b5cc0a4cfd00585
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4129934
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
bzImage is the cannonical way of loading a kernel image, and is simpler
overall. Update the book to refer to the bzImage instead of vmlinux.
BUG=None
TEST=mdbook build
Change-Id: I6309fe9b45e233b84a375c9a413c46dfdec05675
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4091565
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Alexandre Courbot <acourbot@chromium.org>
Document the format and rules for specifying command-line options, and
add a section on how configuration files can also be used.
BUG=b:218223240
TEST=mdbook build
Change-Id: Ieec40315b7ae8212c6a5b60280440abc9a5e92e6
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4040820
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Alexandre Courbot <acourbot@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Footnote was escaped in last version, now deps contain all mdformat
plugins required to support markdown extensions supported in mdbook
TEST=./tools/health-check, mdbook build docs/book/ --dest-dir ../target
generates html with correct footnote
Change-Id: I0047a7174cf241c5510a84d30349ba64790f5830
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4029524
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Auto-Submit: Zihan Chen <zihanchen@google.com>
Commit-Queue: Zihan Chen <zihanchen@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Now that we have refactored our tests to be split into unit tests
and integration tests, let's document this.
BUG=None
TEST=None
Change-Id: Ibd12de70d3b201dd964efc1ccd6cb6a6a37c887a
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4024068
Commit-Queue: Zihan Chen <zihanchen@google.com>
Reviewed-by: David Stevens <stevensd@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Zihan Chen <zihanchen@google.com>
There is no reason to leave an 8 MB gap at the beginning of guest
memory; shift the kernel load address down to the very beginning of
RAM. This accomodates alternate ELF kernels that want to be loaded at
address 0 as well.
BUG=b:254601048
TEST=boot crostini on arm
Change-Id: Iaa58efc5b20046732ef0f75b3c779134a3ee454b
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4015002
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Update mentions to the deprecated `--disk`, `--rwdisk`, `--root`,
`--rwroot` to use the new `--disk`, and to the obsolete network
parameters to use the new `--net` argument.
BUG=b:218223240
BUG=b:246224081
TEST=`mdbook build` in `docs/book` passes.
Change-Id: I942a9e03980a3477d4b87332f5b4cfdfebba814f
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3996046
Auto-Submit: Alexandre Courbot <acourbot@chromium.org>
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
The seccomp policy files are no longer needed at runtime since they are
embedded in the crosvm binary.
BUG=b:235858187
TEST=mdbook build docs/book
Change-Id: Ib8220bce01a21bd3b4a1ef749468e12b18377a62
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3999176
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
It's not necessary to build 3D rendering support to run the
cross-domain context type.
Default implementations are added for some hypercalls, since
the guest kernel may still think it's running a KMS display.
That adds log-spam if errors are present.
BUG=b:173630595
TEST=Run weston terminal in the guest
Change-Id: I8155cf9d9867a329927b7dd4bb22c385510966a2
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3961536
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Gurchetan Singh <gurchetansingh@chromium.org>
The pVM firmware memory region is allocated before
AARCH64_PHYS_MEM_START, but several parts of the code were assuming that
all memory was contiguous and after that.
BUG=b:244553205
TEST=Patched into AOSP and ran some VMs.
Change-Id: I8caefc9cae79c98ea62ee02a506b1b485d3f09a6
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3921604
Reviewed-by: Pierre-Clément Tosi <ptosi@google.com>
Commit-Queue: Andrew Walbran <qwandor@google.com>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Jiyong Park <jiyong@google.com>
Use the enum to document the exit code and refer from the rustdoc.
BUG=b:251305451
TEST=mdbook build and observe
Change-Id: Ie75fc40a8301151266af112f275e331f1a49c769
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3935671
Commit-Queue: Junichi Uekawa <uekawa@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
The FFmpeg backend is a software emulated video encoder device backend.
It can be used for testing, for developing guest kernel changes and
more.
The backend roughly mirrors how the FFmpeg decoder backend is
implemented right now, with the notable difference that it does not use
swscale as the de-facto input format is NV12 or YUV420 and the guest can
likely provide buffers in that format.
BUG=b:239897269
TEST=See testing instructions in the updated book document.
Change-Id: Iae9928bdad86729f890e738acfa58e21573a115b
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3920263
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Commit-Queue: Alexandre Courbot <acourbot@chromium.org>
Seccomp policy files will now pre-compile to bpf bytecode for
target architecture and embedded in the crosvm binary when not
built for chrome os.
When minijail is not checked out in crosvm tree as a submodule,
MINIJAIL_DIR environment variable needs to be specified for the
policy compiler to run.
Integration tests are now sandbox enabled for better coverage.
TEST=all tests passed, vm runs fine with sandbox on and no separate
policy files present. cros deploy & crostini still works.
BUG=b:235858187
FIXED=b:226975168
Change-Id: Ieaba4b3d7160ccb342a297ebc374894d19a8dc4d
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3824062
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Zihan Chen <zihanchen@google.com>
Commit-Queue: Zihan Chen <zihanchen@google.com>
Ffmpeg can now reliably be used in the guest to decode VP8 or VP9
streams, so update the instructions to showcase this.
BUG=b:235067555
TEST=mdbook build
Change-Id: If3af1797d8bc686167292e3859d6a4f08bfe2b41
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3841483
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Tatsuyuki Ishi <ishitatsuyuki@google.com>
Commit-Queue: Alexandre Courbot <acourbot@chromium.org>
Tested-by: Alexandre Courbot <acourbot@chromium.org>
We would like 2 MiB for runtime data as well as the 2 MiB image.
TEST=tools/dev_container tools/run_tests --target=vm:aarch64
Change-Id: I0c0cba35bfc6cf6d8c54afd7df8bd929726e2053
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3827214
Commit-Queue: Andrew Walbran <qwandor@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Andrew Walbran <qwandor@google.com>
This reverts commit a78f92cdb2.
Reason for revert: doesn't build on Chrome OS
Original change's description:
> crosvm: Embed seccomp filters into binary
>
> Seccomp policy files will now pre-compile to bpf bytecode for
> target architecture and embedded in the crosvm binary.
> When minijail is not checked out in crosvm tree as a submodule,
> MINIJAIL_DIR environment variable needs to be specified for the
> policy compiler to run.
>
> TEST=all tests passed, vm runs fine with sandbox on and no separate
> policy files present.
> BUG=b:235858187
>
> Change-Id: Ia801966df0a8adfdc4a80f5899e33121fe45e5f9
> Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3774318
> Reviewed-by: Dennis Kempin <denniskempin@google.com>
> Commit-Queue: Zihan Chen <zihanchen@google.com>
> Tested-by: Zihan Chen <zihanchen@google.com>
Bug: b:235858187
Change-Id: Ia81e43185d5f16bd061b6d0290befb4642c44548
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3813056
Tested-by: Junichi Uekawa <uekawa@chromium.org>
Commit-Queue: Junichi Uekawa <uekawa@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Seccomp policy files will now pre-compile to bpf bytecode for
target architecture and embedded in the crosvm binary.
When minijail is not checked out in crosvm tree as a submodule,
MINIJAIL_DIR environment variable needs to be specified for the
policy compiler to run.
TEST=all tests passed, vm runs fine with sandbox on and no separate
policy files present.
BUG=b:235858187
Change-Id: Ia801966df0a8adfdc4a80f5899e33121fe45e5f9
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3774318
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Zihan Chen <zihanchen@google.com>
Tested-by: Zihan Chen <zihanchen@google.com>
The current documentation of VVU page did not include some important
information to reproduce the example such as the configuration of the
device guest kernel, or the requirement of setting the memory size of
sibling VM smaller than the device VM.
Add these information in the caveats section.
BUG=b:240398088
TEST=mdbook build
Change-Id: Ic391cd8099412b46acb52f49683cd702bfd54197
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3790664
Tested-by: Keita Suzuki <suzukikeita@google.com>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Morg <morg@chromium.org>
Commit-Queue: Keita Suzuki <suzukikeita@google.com>
Reflecting the new repository, supported workflows
and code submission process.
BUG=b:239255196
TEST=None
Change-Id: I52d7130ec3d72ea5ef8748875cae029f0b1f701b
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3780864
Auto-Submit: Dennis Kempin <denniskempin@google.com>
Tested-by: Dennis Kempin <denniskempin@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
This adds a new dt node identified by "qemu,vm-watchdog". The watchdog
is instantiated per-cpu and each instance has the following layout
described in this document:
https://docs.google.com/document/d/1DYmk2roxlwHZsOfcJi8xDMdWOHAmomvs2SDh7KPud3Y/edit?resourcekey=0-oSNabc-t040a1q0K4cyI8Q#heading=h.4hbqud2zl941
The watchdog uses an internal clock which is driven by the
timerfd at regular intervals. When the internal clock expires, a counter
value is decremented. When the counter register reaches value "0",
the watchdog expires. To prevent 'watchdog expiration', regular pet
events should be sent from the guest kernel driver.
BUG=b:213422094
Signed-off-by: Sebastian Ene <sebastianene@google.com>
Change-Id: Ic8c0488ffdfed1a43b6deb34b72d37f46e5e18a2
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/3768290
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
This updates all references to chromiumos/platform/crosvm to
crosvm/crosvm.
It will also switch ./tools/cl to upload to the new main repository.
BUG=None
TEST=None
Change-Id: I1f71e5d5de2300e57ace1315cb4553f68533d576
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3760903
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: Dennis Kempin <denniskempin@google.com>
Fix a few typos in the instructions to start a VVU device.
BUG=b:196186396
TEST=Copy/paste the new instructions and make sure the device starts and
works.
Change-Id: I0726185fc9d7026a7d7d81a5678fb81350cac113
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3744908
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Junichi Uekawa <uekawa@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Keiichi Watanabe <keiichiw@chromium.org>
It is not the task of crosvm, which is usually unprivileged process, to
mess up with the system configuration, so it should simply expect that
VVU devices are already bound to vfio-pci driver and stop trying to do
it itself.
BUG=b:196186396
TEST=Boot redrix-manatee, start crostini.
Change-Id: Icb777cf66fd54bd74d656821fb76587c7ee70ca3
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3712552
Commit-Queue: Dmitry Torokhov <dtor@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: David Stevens <stevensd@chromium.org>
Now that the ffmpeg decoder backend has been merged, anyone can try the
virtio-video device. Add a page on the book explaining how to do so.
BUG=b:235067555
TEST=mdbook build
Change-Id: I984b4953580274015900a80a378cab9c3eb7b2ac
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3708389
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Alexandre Courbot <acourbot@chromium.org>
This CL will introduce a new TpmBackend called VTpmProxy.
This proxy will bridge the VM tpm device and the vtpm daemon on
ChromeOS.
BUG=b:227283268
TEST=Build OK.
Change-Id: Ibfbfdddbaca2af1d066920bb62918d88b0943d59
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3696292
Commit-Queue: Yi Chou <yich@google.com>
Reviewed-by: Chih-Yang Hsia <paulhsia@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Leo Lai <cylai@google.com>
We are going to use separate policy files per device for the following scenarios:
1) Regular in-VMM virtio device,
2) Virtio device over vhost-user,
3) Virtio device over Vvu.
Each of these scenarios require slightly different policies as a jailed
device process needs to allow not only the system calls necessary for
the device to function, but also those required by the virtio transport
in use.
This CL adds a README.md file to the seccomp directory that details the
naming and policy inclusion rules, and updates the serial, xhci and
coiommu policies to follow the naming scheme.
Vhost-user and VVU policy files will be added along with support for
jailing devices when they are in use.
BUG=b:217480043
TEST=serial device works with `crosvm run`.
Change-Id: I6d454aa6e05d00691fe3346e822ed1fc7b24aed8
Signed-off-by: Alexandre Courbot <acourbot@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/3706490
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>