This unblocks enabling GWP-ASan in production to further secure up Venus
render server. Besides, it also makes it easier to enable ASAN only for
Venus render server but not virtio-gpu device process.
BUG=b:307995295
TEST=LD_PRELOAD set correctly in render server environ via cmdline
Change-Id: Ieba9a25d47decb60bbbd6569ad487d258733b29c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5034421
Reviewed-by: Ryan Neph <ryanneph@google.com>
Commit-Queue: Yiwei Zhang <zzyiwei@chromium.org>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Newer versions of virtiofsd allow the backend to provide the tag, making
it no longer necessary for the frontend to synthesize the virtio config
space. Make the --vhost-user-fs frontend option's tag field optional so
the frontend only overrides the config space provided by the backend
when necessary.
BUG=b:262291811
TEST=connect to virtiofsd built from git with and without tag specified
Change-Id: Ie4a0954054c5bd261306e172063b84d090b7bf32
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5010089
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
... except fs, since it is doing some unusual stuff with config space.
BUG=b:262291811
TEST=`crosvm run` with each supported --vhost-user-* device type
Change-Id: I1ae18f151d139ce01788f62495e6b4648f278a52
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4913661
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Alexandre Courbot <acourbot@chromium.org>
Reviewed-by: Noah Gold <nkgold@google.com>
It will be used in the upcoming Windows implementation. The
behavior should remain unchanged for other platforms.
BUG=b:306407787
Change-Id: I7f925055e2d3d9e03f64096cbf590c7ac897a00c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5028148
Reviewed-by: Noah Gold <nkgold@google.com>
Commit-Queue: Pujun Lun <lunpujun@google.com>
This commit adds tracing points in virtio-blk and virtio-scsi, so that
developpers can easily measure the performance of each commands.
BUG=300042376
TEST=tools/presubmit
Change-Id: Iaae2912505c6e224fa1fe587fb51c97838ecb66b
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5035879
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Takaya Saeki <takayas@chromium.org>
Commit-Queue: Joe Hattori <hattorij@google.com>
Currently crosvm imposes a limit on the transfer size. This has led to a
limited throughput on heavy workloads such as vm.Fio.scsi_stress_rw.
This commit removes the limit so that the guest driver can queue as much
requests as it wants to the virtqueue, leading to a slightly moderated
performance.
BUG=b:300042376
TEST=./tools/presubmit
Change-Id: I8c1a465e2520441b7467053e81e0796a6535fa7f
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5036061
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Takaya Saeki <takayas@chromium.org>
Commit-Queue: Joe Hattori <hattorij@google.com>
Read any potentially received data that was queued after crosvm was
suspended. This can happen if crosvm is suspended before other
processes.
Refactored drain timeout to share between serial and console
BUG=b:303092706
TEST=presubmit
Change-Id: If04f1987b0b70d3866f0a6c9258e6f674c919a1c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5027654
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Elie Kheirallah <khei@google.com>
The vhost-user protocol features (VHOST_USER_PROTOCOL_FEATURE_*) that
the frontend supports can be the same for all device types; there is no
need to mask off protocol features on a per-device basis. The frontend
code will still only acknowledge and use the intersection of the
protocol features supported by the backend and the frontend
(VhostUserHandler).
The only exceptional case is the non-standard SHARED_MEMORY_REGIONS
protocol feature, which is only implemented in crosvm's vhost-user-gpu
backend. Add a special case for that feature for now, with the eventual
goal of either standardizing it or removing it.
BUG=b:262291811
TEST=connect crosvm to vhost-user blk and virtiofs backends
Change-Id: I763009ebbcf99fb57487f4b9f65fa67f9b1d3f38
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4913659
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Rather than requiring each specific vhost-user frontend to declare its
supported set of feature bits, we should simply allow any feature bits
that are specific to the device type to be passed through from the
driver to the backend. The vhost-user frontend does not need to know the
meaning of these features, and the normal virtio feature negotiation
mechanism will ensure the driver and vhost-user backend select a
compatible set of features.
This allows removing a bunch of the device-type-specific vhost-user
frontend code.
BUG=b:262291811
TEST=tools/dev_container tools/presubmit
TEST=connect crosvm to vhost-user block and virtiofsd backends
Change-Id: Id5d81b3e5336ef5d5f6b0c0821839a92cf7deb37
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4913658
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Rework the pvIOMMU topology by randomizing the value of vSIDs instead of
using the previous "n-th SID has vSID n". This forces the hypervisor to
support non-trivial SID mappings, which will be necessary for assigning
multiple devices to the same pvIOMMU.
TEST=tools/run_tests
BUG=b:306110430
Change-Id: Ib143a09c61d4d4e747942c7833079dfcbe77e5fc
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5009549
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Pierre-Clément Tosi <ptosi@google.com>
Add support for assigning VFIO devices with more than one Stream ID to
pKVM guests. The guest DT now uses <#iommu-cells> == 1.
Implement a virtual topology where the n-th SID is mapped to the virtual
SID with value n.
TEST=tools/run_tests
BUG=b:306110430
Change-Id: I053f4697b13b40c8c7f6eb9ef27afe5c7aeb36ca
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5009548
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Expose pvIOMMUs to guests through the device tree. Due to the topology
of 1-to-1 mapping between VFIO devices and pvIOMMUs set `#iommu-cells`
to 0 as DMA masters (VFIO devices) can be uniquely identified from their
assigned pvIOMMU.
TEST=tools/run_tests
BUG=b:306110430
Change-Id: Iddac86500901b51e61de3c9b060c3bc541c64866
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5009547
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Teach crosvm to spawn para-virtualized IOMMUs emulated by pKVM, which
are used by protected VMs to control the DMA translation regime of their
assigned (physical) devices without relying on the (untrusted) host or
VMM.
Implement a virtual topology with a 1-to-1 mapping between VFIO devices
and pvIOMMUs (i.e. no support for multiple devices per pvIOMMU nor for
multiple pvIOMMUs per device).
To allow guests to refer to individual pvIOMMUs in calls to the
hypervisor (for example, to map/unmap DMA), they are given an ID, which
the uAPI defines as the FD returned from one of its ioctls.
Like the rest of pKVM, this feature is specific to Android on AArch64.
Note: This makes use of a uAPI that is currently only available on some
experimental (non-production) Android kernels and is likely to
change!
TEST=tools/run_tests
BUG=b:306110430
Change-Id: I00c065754cffa39307272ad00698647e56404894
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5009546
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Previously, the fallback logic for utilizing the casefold_cache when a
standard lookup fails required manual implementation each time do_lookup
was called. This resulted in code duplication and was prone to omission
when adding new features or operations.
This CL intergrates the casefold_cache lookup logic with normal lookup
to do_lookup_with_casefold_fallback() function. This change eliminate
the need for redundant code and simplifying future maintenance efforts.
BUG=b:304663953
TEST=cargo test --package devices --lib -- virtio::fs::passthrough::tests
Change-Id: I181d52fcfc43f4e6b0d88f6d53374c785ee05142
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5009218
Reviewed-by: Takaya Saeki <takayas@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Yuan Yao <yuanyaogoog@chromium.org>
Zero_message_open should also be considered in atomic_open feature. With
zero_message_open enabled, atomic_open will not open file but just
return the d_entry. Updated atomic_open unit tests with
zero_message_open feature.
BUG=b:304663953
TEST=test virtio-fs with cache=always option
Change-Id: I2929355c32dd8972d2ed988a0fad5a37431e2b53
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4963224
Commit-Queue: Yuan Yao <yuanyaogoog@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Takaya Saeki <takayas@chromium.org>
The atomic_open operation utilized the create() method to create new
files. However, this method involved unnecessary overhead by following
the /proc/self/fd symlink to open the file.
This commit optimizes the process by directly calling openat with parent
inode data and file name in create() method. This eliminates the symlink
lookup, reducing workload on the host system and improving performance.
BUG=b:304663953
TEST=create files in shared directory
Change-Id: I4b8bd3cb41035bceaa3b9bae64503f744cbe8361
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4937655
Reviewed-by: Takaya Saeki <takayas@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Yuan Yao <yuanyaogoog@chromium.org>
The unit tests are added for atomic open operation, whicg including
atomic open on existing/non-exsiting normal file with and without
O_CREATE flag. Also, one unit test is created for atomic_open a symbol
link file.
BUG=b:304663953
TEST=cargo test --package devices --lib -- virtio::fs::passthrough::tests
Change-Id: I13edaab60f65317189ef998274e0b78cf3fb756c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4930458
Reviewed-by: Takaya Saeki <takayas@chromium.org>
Commit-Queue: Yuan Yao <yuanyaogoog@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
This commit introduces support for the FUSE atomic_openoperation for
virtio-fs. Previously, when opening or creating a file without a
corresponding d_entry (directory entry), the guest had to send separate
FUSE LOOKUP and FUSE OPEN/CREATE requests.
With atomic_open, the guest can send a single FUSE ATOMIC_OPEN request,
and crosvm will handle both lookup and open/create operations. If
successful, it returns the d_entry and file handler. For symbolic links,
atomic_open returns an ELOOP error, prompting the kernel to fall back to
the standard FUSE LOOKUP + FUSE OPEN sequence.
To enable atomic_open, the guest kernel need requires path 1/8,2/8,8/8 from
the following kernel patch set:
https://lore.kernel.org/linux-fsdevel/20231023183035.11035-1-bschubert@ddn.com/
BUG=b:304663953
TEST=test virtio-fs with guest kernel cherry picked chromium:4988749
Change-Id: I94e2758765e4a422e011a83fcafcf2e0e0a20682
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4914660
Commit-Queue: Yuan Yao <yuanyaogoog@chromium.org>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Takaya Saeki <takayas@chromium.org>
The read_input() function doesn't need ownership of the event, so just
borrow it to avoid the need for an extra try_clone() call.
Change-Id: Id7362a4e65ddde5d7fd212754d2870c4ac475051
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5027709
Reviewed-by: Elie Kheirallah <khei@google.com>
Reviewed-by: Frederick Mayle <fmayle@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Adds support for specifying a nice value to be used for vCPU threads.
This can be used to boost (or deboost) the priority of the vCPU threads
relative to everything else. To boost the threads priority, the
appropriate limits will need to be set.
BUG=b:310707244
TEST=Verified nice values on "crosvm_vcpuN" using top on host.
Change-Id: Ia1ad8d2c8f88bdd411551f3be72c7eb3553417c8
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5027655
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Isaac Bosompem <mrisaacb@google.com>
Initialize in_avail_evt on creation of Console instead of on activate.
in_avail_evt is never passed as an argument, so there's no real reason
behind making it an option. Behavior is not affected.
BUG=N/A
TEST=presubmit
Change-Id: I270ba47614a4c3489fe3cde6450ed3879f63818d
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5026250
Commit-Queue: Elie Kheirallah <khei@google.com>
Reviewed-by: Frederick Mayle <fmayle@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reading the input in console had all the logic in a thread.
Extract that logic into a function so that we are able to read the input
without a thread. This will be used as part of 2-step snapshotting.
BUG=b:303092706
TEST=presubmit
Change-Id: Iaeda2520abf76f712642f3282d0db973d4fc1886
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5005897
Reviewed-by: Noah Gold <nkgold@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Elie Kheirallah <khei@google.com>
Reviewed-by: Frederick Mayle <fmayle@google.com>
Gimp plugin initializing, loading and file batch processing are
plausible real-world operations to run under crosvm, and can be
easily measured in an automated gui-less fasion. These operations
mainly stress small file disk performance.
BUG=b:181105093
TEST=./tools/bench gimp
Change-Id: I5891771a031f5843df4aebdfede8ae9b7ed53977
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4994843
Auto-Submit: Zihan Chen <zihanchen@google.com>
Commit-Queue: Dennis Kempin <denniskempin@google.com>
Reviewed-by: Dennis Kempin <denniskempin@google.com>
Currently, cros_async's async IO source provides async `fallocate`
function, and `punch_hole` and `write_zeroes_at` are delegated to
`fallocate`. However, this design has three rooms for improvements.
1. Actually, no one calls async `fallocate`.
2. We have duplicated `fallocate` and `AllocateMode` implementations in
`base::sys`.
3. Windows has to pretend to have `fallocate` to provide `punch_hole`
and `write_zeroes_at`
So, this change removes `fallocate` and `AllocateMode`, which no one
actually calls, from `IoSource` and deletegate it to `base::sys`. With
this, we don't have to maintain `fallocate` implementation in
cros_async.
This will also enable us to call a non-`fallocate` systemcall in
`punch_hole` implementation which will be necessary to correctly support
block files.
BUG=b:302437024
TEST=./tools/presubmit
Change-Id: I8e7fcd94380da980cc52e6f751b134fa325d7b39
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5019241
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Reviewed-by: Noah Gold <nkgold@google.com>
Commit-Queue: Takaya Saeki <takayas@chromium.org>
Currently, `fallocate` helper function in base/sys/linux has the
`keep_size` parameter which controls whether to add
`FALLOC_FL_KEEP_SIZE` flag or not. However, no one passes `false` to
this parameter and all callers want to keep size. We have no reason to
make this configurable.
This change removes `keep_size` parameter from `fallocate` and simplify
the implementation. This will also enable us to remove another
`fallocate` implementation in `cros_async` replacing it with this
`fallocate` in base/sys/linux.
BUG=b:302437024
TEST=./tools/presubmit
Change-Id: I2926121acb32de62a7457f851ae48f829a3c8a6c
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5019240
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Commit-Queue: Takaya Saeki <takayas@chromium.org>
Currently crosvm does not implement provisioning management. This leads
to discard operations not being called, which results in poor
performance on some I/O workloads (e.g. vm.Fio.scsi_stress_rw).
This commit implements the Block Limits and Logical Block Provisioning
vpd page to let the driver know we support thin-provisioning. Then, the
driver calls UNMAP, WRITE SAME(10), and WRITE SAME(16) commands to
perform discard operations, so this commit implements these commands as
well.
TEST=tools/presubmit
BUG=b:300042376
Change-Id: Ie17b64ce35e0810549b9b254d5617e106358efca
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4996804
Reviewed-by: Takaya Saeki <takayas@chromium.org>
Commit-Queue: Joe Hattori <hattorij@google.com>
Reviewed-by: Keiichi Watanabe <keiichiw@chromium.org>
Part of efforts of two-step snapshotting, to avoid dropping any data
lingering in buffers.
BUG=b:303092706
TEST=presubmit
Change-Id: I1d36a10c8d317349d12ca66b817cf92c099ede10
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5005896
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Elie Kheirallah <khei@google.com>
Reviewed-by: Frederick Mayle <fmayle@google.com>
Snapshot needs to modify the device as part of efforts for 2-step
snapshotting. This is to make sure no messages are dropped. The
snapshotting process on cuttlefish involves stopping the VM first,
followed by the processes. This means that a process might send a
message which crosvm has not yet received.
On snapshot, we should receive any messages and then snapshot.
BUG=b:303092706
TEST=presubmit
Change-Id: If3431318d5d115072c65f61dad9f13222001f937
Change-Id: Iea8a159bff21af67c0c59f36cfa9324179723515
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5005898
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Elie Kheirallah <khei@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Auto-Submit: Elie Kheirallah <khei@google.com>
