mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2024-11-24 12:34:31 +00:00
b5a9833d97
This implements the equivalent logic on crosvm as UFFD_FEATURE_EVENT_FORK.

When each device process forks, the ProxyDevice creates userfaultfd and sends it to the monitor process by SwapController::on_process_forked().

Crosvm does not have any child processes which may access the guest memory except device processes as of now. Crosvm forks virgl_render_server, but the mmap is not preserved in the process on execve(2) since it is a different binary. Also no device process forks grandchild processes according to the seccomp policy.

We actually can't use UFFD_FEATURE_EVENT_FORK because the feature does not support non-root user namespace (go/uffd-fork-user-ns) and ARCVM runs in a non-root user namespace.

This also adds syscalls to seccomp policies for devices to allow the processes to create and set up a userfaultfd.

BUG=b:266641923
TEST=manually tested

Change-Id: Ide3088e1e95ae3c8259e3f4324124b3376e760b7
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4194228
Reviewed-by: David Stevens <stevensd@chromium.org>
Commit-Queue: Shin Kawamura <kawasin@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Dennis Kempin <denniskempin@google.com>

..
src
.build_test_skip
Cargo.toml