crosvm/arch/Cargo.toml
Shintaro Kawamura b5a9833d97 swap: send userfaultfd via Tube on device process fork
This implements the equivalent logic on crosvm as
UFFD_FEATURE_EVENT_FORK. When each device process forks, the ProxyDevice
creates a userfaultfd and sends it to the monitor process via
SwapController::on_process_forked().

Crosvm does not have any child processes which may access the guest
memory except device processes as of now. Crosvm forks
virgl_render_server, but the mmap is not preserved in the process on
execve(2) since it is a different binary. Also no device process forks
grandchild processes according to the seccomp policy.

We actually can't use UFFD_FEATURE_EVENT_FORK because the feature does
not support non-root user namespace (go/uffd-fork-user-ns) and ARCVM
runs in a non-root user namespace.

This also adds syscalls to seccomp policies for devices to allow the
processes to create and setup a userfaultfd.

BUG=b:266641923
TEST=manually tested

Change-Id: Ide3088e1e95ae3c8259e3f4324124b3376e760b7
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/4194228
Reviewed-by: David Stevens <stevensd@chromium.org>
Commit-Queue: Shin Kawamura <kawasin@google.com>
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Dennis Kempin <denniskempin@google.com>
2023-02-01 00:47:52 +00:00


# Manifest for the `arch` crate.
# NOTE(review): no `publish` key is set. If this crate is only ever consumed
# through path dependencies, `publish = false` would rule out an accidental
# upload to a registry; confirm against the workspace policy.
[package]
name = "arch"
version = "0.1.0"
authors = ["The ChromiumOS Authors"]
edition = "2021"
# Cargo features. No entry uses the `dep:` prefix, so every optional
# dependency in this manifest (gdbstub, gdbstub_arch, swap) is also exposed as
# an implicit feature of the same name.
[features]
# Forwards to the `powerd` feature of power_monitor, which this manifest only
# declares as a dependency under cfg(unix).
power-monitor-powerd = ["power_monitor/powerd"]
# Pulls in both optional gdbstub crates.
# NOTE(review): presumably a guest debugging interface; leave it off in builds
# that should not expose one. Confirm how release builds select features.
gdb = ["gdbstub", "gdbstub_arch"]
# Enables no dependency from this manifest; presumably used only as a cfg gate
# in the crate's code. Verify against the sources.
direct = []
# Forwards to the `trace_marker` feature of cros_tracing.
trace_marker = ["cros_tracing/trace_marker"]
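# Dependencies built on every target. Entries with `path` are sibling crates in
# this source tree; the others are resolved from a registry.
#
# A requirement of "*" accepts any published version, so this manifest places
# no bound on anyhow, libc, remain or serde.
# NOTE(review): the version actually built is presumably fixed by Cargo.lock or
# by the ebuild packaging mentioned under cfg(unix) below. Review those, not
# this file, when auditing third-party code. Confirm.
[dependencies]
acpi_tables = { path = "../acpi_tables" }
anyhow = "*"
base = { path = "../base" }
cfg-if = "1.0.0"
cros_fdt = { path = "../cros_fdt" }
cros_tracing = { path = "../cros_tracing" }
devices = { path = "../devices" }
# Optional: only compiled when the `gdb` feature (or the implicit feature of
# the same name as the crate) is enabled.
gdbstub = { version = "0.6.3", optional = true }
gdbstub_arch = { version = "0.2.4", optional = true }
hypervisor = { path = "../hypervisor" }
kernel_cmdline = { path = "../kernel_cmdline" }
libc = "*"
remain = "*"
resources = { path = "../resources" }
serde = { version = "*", features = ["derive"] }
serde_keyvalue = { path = "../serde_keyvalue", features = ["argh_derive"] }
sync = { path = "../common/sync" }
thiserror = "1.0.20"
vm_control = { path = "../vm_control" }
vm_memory = { path = "../vm_memory" }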
# Dependencies compiled only when the target matches cfg(unix).
[target.'cfg(unix)'.dependencies]
# minijail is the process sandboxing library. The "*" requirement leaves the
# version unconstrained here; per the trailing comment it is supplied by the
# ebuild, so the sandbox code that ships is decided by that packaging.
minijail = "*" # provided by ebuild
power_monitor = { path = "../power_monitor" }
# Dependencies compiled only when the target OS is Linux.
[target.'cfg(target_os="linux")'.dependencies]
# Optional sibling crate. [features] has no explicit entry for it, so it is
# switched on through the implicit `swap` feature that Cargo derives from an
# optional dependency.
swap = { path = "../swap", optional = true }
# Dependencies compiled only when the target matches cfg(windows).
[target.'cfg(windows)'.dependencies]
# "*" accepts any published winapi version.
# NOTE(review): presumably pinned by a lockfile or external packaging; confirm.
winapi = "*"
# Used only when building tests, examples and benchmarks; not part of the
# crate's normal dependency set.
[dev-dependencies]
# "*" accepts any published serde_json version.
# NOTE(review): presumably pinned by a lockfile; confirm.
serde_json = "*"