1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
load("//tools:defs.bzl", "go_library", "go_test")
load("//tools/go_generics:defs.bzl", "go_template_instance")
package(licenses = ["notice"])
go_template_instance(
name = "atomicptr_machine",
out = "atomicptr_machine_unsafe.go",
package = "kvm",
prefix = "machine",
template = "//pkg/sync/atomicptr:generic_atomicptr",
types = {
"Value": "machine",
},
)
go_library(
name = "kvm",
srcs = [
"address_space.go",
"address_space_amd64.go",
"address_space_arm64.go",
"atomicptr_machine_unsafe.go",
"bluepill.go",
"bluepill_allocator.go",
"bluepill_amd64.go",
"bluepill_amd64_unsafe.go",
"bluepill_arm64.go",
"bluepill_arm64.s",
"bluepill_arm64_unsafe.go",
"bluepill_fault.go",
"bluepill_impl_amd64.s",
"bluepill_unsafe.go",
"context.go",
"filters_amd64.go",
"filters_arm64.go",
"kvm.go",
"kvm_amd64.go",
"kvm_amd64_unsafe.go",
"kvm_arm64.go",
"kvm_arm64_unsafe.go",
"kvm_const.go",
"kvm_const_arm64.go",
"machine.go",
"machine_amd64.go",
"machine_amd64_unsafe.go",
"machine_arm64.go",
"machine_arm64_unsafe.go",
"machine_unsafe.go",
"physical_map.go",
"physical_map_amd64.go",
"physical_map_arm64.go",
"virtual_map.go",
],
visibility = ["//pkg/sentry:internal"],
deps = [
"//pkg/abi/linux",
"//pkg/atomicbitops",
"//pkg/context",
"//pkg/cpuid",
"//pkg/hostarch",
"//pkg/log",
"//pkg/procid",
"//pkg/ring0",
"//pkg/ring0/pagetables",
"//pkg/seccomp",
"//pkg/sentry/arch",
"//pkg/sentry/arch/fpu",
"//pkg/sentry/memmap",
"//pkg/sentry/platform",
"//pkg/sentry/platform/interrupt",
"//pkg/sentry/time",
"//pkg/sighandling",
"//pkg/sync",
"@org_golang_x_sys//unix:go_default_library",
],
)
go_test(
name = "kvm_test",
srcs = [
"kvm_amd64_test.go",
"kvm_amd64_test.s",
"kvm_arm64_test.go",
"kvm_safecopy_test.go",
"kvm_test.go",
"virtual_map_test.go",
],
library = ":kvm",
# FIXME(gvisor.dev/issue/3374): Not working with all build systems.
nogo = False,
# cgo has to be disabled. We have seen libc that blocks all signals and
# calls mmap from pthread_create, but we use SIGSYS to trap mmap system
# calls.
pure = True,
tags = [
"manual",
"nogotsan",
"requires-kvm",
],
deps = [
"//pkg/abi/linux",
"//pkg/hostarch",
"//pkg/memutil",
"//pkg/ring0",
"//pkg/ring0/pagetables",
"//pkg/safecopy",
"//pkg/sentry/arch",
"//pkg/sentry/arch/fpu",
"//pkg/sentry/platform",
"//pkg/sentry/platform/kvm/testutil",
"//pkg/sentry/time",
"@org_golang_x_sys//unix:go_default_library",
],
)
genrule(
name = "bluepill_impl_amd64",
srcs = ["bluepill_amd64.s"],
outs = ["bluepill_impl_amd64.s"],
cmd = "(echo -e '// build +amd64\\n' && $(location //pkg/ring0/gen_offsets) && cat $(SRCS)) > $@",
tools = ["//pkg/ring0/gen_offsets"],
)
|