Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 533e34376be49b00072f4518eec103cdf2918225
commit533e34376be49b00072f4518eec103cdf2918225[log] [tgz]
authorDavid Brazdil <dbrazdil@google.com>Fri Oct 28 14:06:49 2022 +0100
committerDavid Brazdil <dbrazdil@google.com>Thu Nov 10 16:37:24 2022 +0000
treeb1899f23df8abbf48b7a836b071716ba1432b5f3
parent36a58d96e6d7bc35cb0d0d6be1b3f9ee17d74e8a [diff]
Remove CAP_IPC_LOCK from crosvm, use CAP_SYS_RESOURCE on VS

Crosvm currently has a capability that allows it to mlock() unlimited
amounts of RAM, necessary for running protected VMs. This mechanims is
not compatible with switching to crosvm as a child process, so replace
it with setrlimit from virtualizationservice. The limit is set to
RLIM_INFINITY to preserve the original property.

Bug: 204298056
Bug: 245727626
Test: atest MicrodroidTestApp
Change-Id: Iec393f5c0548f7eac1ba162214b57350d8328637
2 files changed
tree: b1899f23df8abbf48b7a836b071716ba1432b5f3
  1. apex/
  2. apkdmverity/
  3. authfs/
  4. avmd/
  5. compos/
  6. demo/
  7. docs/
  8. javalib/
  9. launcher/
  10. libs/
  11. microdroid/
  12. microdroid_manager/
  13. pvmfw/
  14. rialto/
  15. tests/
  16. virtualizationservice/
  17. vm/
  18. vmbase/
  19. vmclient/
  20. zipfuse/
  21. rustfmt.toml ⇨ ../../../build/soong/scripts/rustfmt.toml
  22. .clang-format
  23. .gitignore
  24. Android.bp
  25. OWNERS
  26. PREUPLOAD.cfg
  27. README.md
  28. TEST_MAPPING
README.md

Virtualization

This repository contains userspace services related to running virtual machines on Android, especially protected virtual machines. See the getting started documentation and Microdroid README for more information.