Dmytro Maluka f0c46addbb x86_64: support running protected VMs with pvmfw
Add support for running protected VMs on x86 in the proper way, i.e.
similarly to arm64, ask the pKVM hypervisor to load the pVM firmware
(pvmfw) into the VM memory at a dedicated address and to set the VM
entry point to the pvmfw address.

The KVM uAPI used for that (for setting pvmfw address in guest memory
and for querying pvmfw size) is almost exactly the same as on arm64.
But as explained in [1], this is a temporary uAPI anyway, so for now
don't try to generalize the crosvm code using this uAPI between both
architectures.

[1] https://android-review.git.corp.google.com/c/kernel/common/+/3372231
[2] https://android-review.git.corp.google.com/c/kernel/common/+/3372235

BUG=b:350694931
TEST=a VM run with "crosvm run --protected-vm" runs successfully,
assuming that the bootloader provides pvmfw image to the host kernel, or
using a pKVM hack described in "Test:" in [2] instead.

Change-Id: I64242bcd0a4c053b8c27c2f83d5c876a885d0442
Reviewed-on: https://chromium-review.googlesource.com/c/crosvm/crosvm/+/6043709
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Commit-Queue: Dmytro Maluka <dmaluka@chromium.org>
Reviewed-by: Pierre-Clément Tosi <ptosi@google.com>
2024-11-25 18:00:07 +00:00
.cargo Enable clippy for android code 2024-07-09 20:43:44 +00:00
.config dev_container: Pass through NEXTEST_PROFILE 2023-12-14 19:01:30 +00:00
.devcontainer dev_container: Replace better toml extension 2023-07-27 23:37:15 +00:00
.github Cleanup: Remove old, deprecated and no longer used files 2022-09-20 21:05:57 +00:00
.vscode Document feature flags and introduce new feature sets 2022-10-14 20:31:19 +00:00
aarch64 aarch64, x86_64: add cmdline option to configure PCI mem region 2024-11-22 23:17:50 +00:00
acpi_tables Replace ::max_value() with ::MAX 2024-07-09 23:26:03 +00:00
android_audio Refactor android_audio 2024-07-08 20:26:39 +00:00
arch x86_64: move --pcie-ecam into --pci 2024-11-22 23:17:55 +00:00
argh_helpers Update to syn-2 2023-12-02 00:23:50 +00:00
audio_streams_conformance_test audio_streams_conformance_test: remove unused minijail dep 2024-05-22 21:24:02 +00:00
audio_util clippy: enforce safety block comments 2023-12-14 18:21:54 +00:00
base Windows clippy fixes for Rust 1.81 2024-11-13 00:07:11 +00:00
base_tokio Avoid clippy::blocks_in_conditions warnings 2024-06-11 00:18:47 +00:00
bit_field Replace ::max_value() with ::MAX 2024-07-09 23:26:03 +00:00
broker_ipc metrics: Switch metrics from Tube to SendTube 2024-04-09 01:38:03 +00:00
common tree-wide: replace data_model::zerocopy_from_*() 2024-03-13 18:03:24 +00:00
cros_async cros_async: remove debug prints. 2024-10-31 18:07:12 +00:00
cros_fdt Fix clippy::assigning_clones lints 2024-06-10 19:33:36 +00:00
cros_tracing Cargo.toml: avoid "*" versions for external crates 2024-05-22 01:01:42 +00:00
cros_tracing_types Cargo.toml: avoid "*" versions for external crates 2024-05-22 01:01:42 +00:00
crosvm_cli devices: vfio: make global container state explicit 2024-06-06 23:31:16 +00:00
crosvm_control crosvm_control: add crosvm_client_resume_vm_full api 2024-11-08 20:39:02 +00:00
crosvm_plugin Cargo.toml: avoid "*" versions for external crates 2024-05-22 01:01:42 +00:00
devices input: Add custom input device 2024-11-25 02:10:57 +00:00
disk disk: Add seekable zstd disk support 2024-11-22 21:13:38 +00:00
docs/book input: Add custom input device 2024-11-25 02:10:57 +00:00
e2e_tests Windows clippy fixes for Rust 1.81 2024-11-13 00:07:11 +00:00
ext2 ext2: fix needless borrow clippy warnings 2024-10-02 07:07:17 +00:00
fuse Fix bad indentation in Markdown around lists 2024-09-10 02:05:59 +00:00
fuzz fuzz: expect cfg(fuzzing) 2024-11-05 00:10:58 +00:00
gpu_display Windows clippy fixes for Rust 1.81 2024-11-13 00:07:11 +00:00
hypervisor x86_64: support running protected VMs with pvmfw 2024-11-25 18:00:07 +00:00
infra Roll recipe dependencies (trivial). 2024-11-22 00:19:02 +00:00
io_uring Fix clippy::suspicious_open_options warnings 2024-06-10 19:39:47 +00:00
jail devices: fs: Allow running virito-fs without root 2024-10-26 00:21:18 +00:00
kernel_cmdline kernel_cmdline: remove capacity from Cmdline 2024-09-12 18:42:20 +00:00
kernel_loader kernel_loader: move load_cmdline() to x86_64 2024-09-09 21:32:01 +00:00
kvm x86_64: support running protected VMs with pvmfw 2024-11-25 18:00:07 +00:00
kvm_sys x86_64: support running protected VMs with pvmfw 2024-11-25 18:00:07 +00:00
libcras_stub Cargo.toml: avoid "*" versions for external crates 2024-05-22 01:01:42 +00:00
linux_input_sys Cargo.toml: avoid "*" versions for external crates 2024-05-22 01:01:42 +00:00
logo README: Use PNG logo image 2021-10-29 01:56:23 +00:00
media media: ffmpeg: fix undefined behavior in test_avpacket_drop 2024-11-13 00:12:14 +00:00
metrics metrics: add missing features in Cargo.toml 2024-07-03 00:33:08 +00:00
metrics_events metric_events & src: add metric for VcpuShutdown. 2024-05-31 18:25:50 +00:00
net_sys Cargo.toml: avoid "*" versions for external crates 2024-05-22 01:01:42 +00:00
net_util net_util: clean up transmutes in create_sockaddr() 2024-11-05 00:09:04 +00:00
perfetto Cargo.toml: avoid "*" versions for external crates 2024-05-22 01:01:42 +00:00
power_monitor devices: bat: get power property before first read 2024-10-16 09:16:32 +00:00
prebuilts Cargo.toml: avoid "*" versions for external crates 2024-05-22 01:01:42 +00:00
proto_build_tools Cargo.toml: upgrade protobuf 2.x -> 3.x 2023-04-28 19:32:01 +00:00
protos clippy: enforce safety block comments 2023-12-14 18:21:54 +00:00
resources Fix clippy::unnecessary_get_then_check warnings 2024-06-10 20:01:30 +00:00
riscv64 aarch64, x86_64: add cmdline option to configure PCI mem region 2024-11-22 23:17:50 +00:00
rutabaga_gfx devices: gpu: fix suspend/resume for 2D fallback 2024-11-21 21:06:06 +00:00
sandbox Cargo.toml: avoid "*" versions for external crates 2024-05-22 01:01:42 +00:00
serde_keyvalue Cargo.toml: avoid "*" versions for external crates 2024-05-22 01:01:42 +00:00
src input: Add custom input device 2024-11-25 02:10:57 +00:00
swap Exclude a few dead_code instances 2024-11-05 00:16:59 +00:00
system_api Cargo.lock: update protobuf v3.2.0 -> v3.6.0 2024-10-23 20:11:19 +00:00
tests Reformat comments 2024-02-15 23:30:13 +00:00
third_party third_party/minijail: update to detect -Wxor-used-as-pow support 2024-11-20 18:35:06 +00:00
tools Windows clippy fixes for Rust 1.81 2024-11-13 00:07:11 +00:00
tube_transporter Cargo.toml: avoid "*" versions for external crates 2024-05-22 01:01:42 +00:00
usb_sys Windows clippy fixes for Rust 1.81 2024-11-13 00:07:11 +00:00
usb_util base: define ioctls as consts rather than functions 2024-06-25 19:17:21 +00:00
vendor vendor/generic/metrics: document API methods. 2024-06-04 21:46:46 +00:00
vfio_sys bindgen: update to Linux 6.6 headers 2024-01-09 00:37:43 +00:00
vhost vhost: improve set_vring_addr() validation 2024-10-11 00:56:40 +00:00
virtio_sys virtio: update virtio-media ID to 48 2024-11-08 19:36:37 +00:00
vm_control vm_control: change VmMemoryRegionId to use GuestAddress 2024-11-18 20:51:15 +00:00
vm_memory x86_64: support --unprotected-vm-with-firmware 2024-09-20 19:49:24 +00:00
win_audio Windows clippy fixes for Rust 1.81 2024-11-13 00:07:11 +00:00
win_util Replace ::max_value() with ::MAX 2024-07-09 23:26:03 +00:00
x86_64 x86_64: support running protected VMs with pvmfw 2024-11-25 18:00:07 +00:00
.dockerignore add docker supported builds and tests 2019-05-15 13:36:19 -07:00
.envrc Automatically register tools/ on PATH 2023-03-03 00:33:15 +00:00
.gitattributes config: force lf as line endings 2023-11-07 17:38:58 +00:00
.gitignore Automatically register tools/ on PATH 2023-03-03 00:33:15 +00:00
.gitmodules devices: remove --software-tpm support 2023-10-02 23:28:45 +00:00
.rustfmt.toml rustfmt: wrap comments 2024-02-15 23:30:13 +00:00
ARCHITECTURE.md docs: book: update architecture docs 2023-06-01 22:37:17 +00:00
Cargo.lock disk: Add seekable zstd disk support 2024-11-22 21:13:38 +00:00
Cargo.toml disk: Add seekable zstd disk support 2024-11-22 21:13:38 +00:00
CONTRIBUTING.md CONTRIBUTING: Fix typo 'Cargo.lock' 2024-07-17 03:47:21 +00:00
DIR_METADATA Add arcvm_gki_cq test plan 2024-08-21 18:24:58 +00:00
LICENSE Update all copyright headers to match new style 2022-09-13 18:41:29 +00:00
mypy.ini Add python configs for consistency between IDE and CI 2022-08-16 18:33:23 +00:00
OWNERS owners: remove Paul 2024-09-05 22:51:31 +00:00
OWNERS_COUNCIL OWNERS_COUNCIL: Update council reviewers 2024-05-29 18:36:55 +00:00
PRESUBMIT.cfg Cleanup: Remove old, deprecated and no longer used files 2022-09-20 21:05:57 +00:00
pyproject.toml Add python configs for consistency between IDE and CI 2022-08-16 18:33:23 +00:00
README.chromeos.md crosvm: update book and doc links to crosvm.dev 2022-07-29 22:54:01 +00:00
README.md Fix remaining Chrome/Chromium OS instances 2023-01-03 22:14:30 +00:00
rust-toolchain rust-toolchain: update to Rust 1.77.2 2024-06-18 18:21:17 +00:00

crosvm - The ChromeOS Virtual Machine Monitor

crosvm is a virtual machine monitor (VMM) based on Linux's KVM hypervisor, with a focus on simplicity, security, and speed. crosvm is intended to run Linux guests, originally as a security boundary for running native applications on the ChromeOS platform. Compared to QEMU, crosvm doesn't emulate architectures or real hardware, instead concentrating on paravirtualized devices, such as the virtio standard.

crosvm is currently used to run Linux/Android guests on ChromeOS devices.
