| commit | 66b86b50cad0ee726194bee54c60bfbb7abb4fbe | [log] [tgz] |
|---|---|---|
| author | Zach Reizner <zachr@google.com> | Wed May 03 18:11:39 2017 -0700 |
| committer | chrome-bot <chrome-bot@chromium.org> | Mon May 08 12:40:51 2017 -0700 |
| tree | a0e96663e2e7ba837d2a137b42321f9fb0c0a064 | |
| parent | 48faad1bc60c818cd472ac43389e44e4446ff020 [diff] |
kvm: add kvm crate to safely use kvm This change adds a library that makes the usage of kvm safe. Features that are in this initial patch are: - checking for kvm extensions - creating vms and vcpus - adding memory regions - accessing cpu registers - running vcpus - using kvm_run structure on kvm exit - registering ioevents and irqevents TEST=cargo test [--target=armv7a-cros-linux-gnueabi] BUG=chromium:711556 Change-Id: I1f18aad0341ef5129bc5504e9419a3c422d8bdfd Reviewed-on: https://chromium-review.googlesource.com/478551 Commit-Ready: Dylan Reid <dgreid@chromium.org> Tested-by: Zach Reizner <zachr@chromium.org> Reviewed-by: Dylan Reid <dgreid@chromium.org>
This component, known as crosvm, runs untrusted operating systems along with virtualized devices. No actual hardware is emulated. This only runs VMs through the Linux's KVM interface. What makes crosvm unique is a focus on safety within the programming language and a sandbox around the virtual devices to protect the kernel from attack in case of an exploit in the devices.
The crosvm source code is organized into crates, each with their own unit tests. These crates are:
kvm-sys low-level (mostly) auto-generated structures and constants for using KVMkvm unsafe, low-level wrapper code for using kvm-syscrosvm the top-level binary front-end for using crosvmCurrently there is no front-end, so the best you can do is run cargo test in each crate.