mirror of
https://chromium.googlesource.com/crosvm/crosvm
synced 2024-11-25 05:03:05 +00:00
cbf9381c58
The current SnapshotReader/Writer interface returns Files for raw fragments. When we add snapshot encryption, we will need to return an encrypting or decrypting streaming wrapper, and this won't be a File. This CL changes the interface to return impl Read or impl Write. As part of that, we also had to make a significant safety change to how memory snapshots are taken. Memory snapshots used to be written with FileReadWriteVolatile. This is because we assume GuestMemory is always mutably borrowed by the guest, and it is UB to have aliased references in Rust. While formally undefined, the rough reasoning for this is that LLVM optimizations assume noalias on mutable references, and if that is violated at runtime, optimizations can result in changed behavior. In the snapshot & restore case though, we know the guest is not running because its VCPUs are stopped, so its mutable reference can be ignored (temporal overlap for aliasing is required for UB to occur). Luckily for us, the host code will never alias guest memory because up until this CL, we assumed that was never safe. Credit: thanks to fmayle@, who originally proposed using Read/Write in this manner in a CL that added snapshot compression. BUG=b:326170473 TEST=builds Change-Id: Iafd9175f684bc197329a0f5aae57685f5cfd677e Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/5313630 Reviewed-by: Frederick Mayle <fmayle@google.com> Commit-Queue: Noah Gold <nkgold@google.com> |
||
|---|---|---|
| .. | ||
| src | ||
| tests/irqchip | ||
| Cargo.toml | ||