// static
zx_status_t Guest::Create(ktl::unique_ptr<Guest>* out) {
// Check that the CPU supports VMX.
if (!x86_feature_test(X86_FEATURE_VMX)) {
return ZX_ERR_NOT_SUPPORTED;
}
zx_status_t status = alloc_vmx_state();
if (status != ZX_OK) {
return status;
}
fbl::AllocChecker ac;
ktl::unique_ptr<Guest> guest(new (&ac) Guest);
if (!ac.check()) {
return ZX_ERR_NO_MEMORY;
}
status = hypervisor::GuestPhysicalAddressSpace::Create(&guest->gpas_);
if (status != ZX_OK) {
return status;
}
// Setup common MSR bitmaps.
VmxInfo vmx_info;
status = guest->msr_bitmaps_page_.Alloc(vmx_info, UINT8_MAX);
if (status != ZX_OK) {
return status;
}
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_PAT);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_EFER);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_FS_BASE);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_GS_BASE);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_KERNEL_GS_BASE);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_STAR);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_LSTAR);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_FMASK);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_TSC_ADJUST);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_TSC_AUX);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_SYSENTER_CS);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_SYSENTER_ESP);
ignore_msr(&guest->msr_bitmaps_page_, true, X86_MSR_IA32_SYSENTER_EIP);
// Setup VPID allocator
fbl::AutoLock lock(&guest->vcpu_mutex_);
status = guest->vpid_allocator_.Init();
if (status != ZX_OK) {
return status;
}
*out = ktl::move(guest);
return ZX_OK;
}
// -------------------- EDAC Tests ----------------------
void FileAccessControllerTests::doTestEDAC(EntityDataAccessController *edac) {
StartTrace(FileAccessControllerTests.doTestEDAC);
if (t_assert(edac != NULL)) {
String user("user"), guest("guest"), unknown("unknown"), coffee("coffee");
Anything groups;
groups.Append("coffee");
groups.Append("movies");
Anything allowed;
Anything empty = Anything(Anything::ArrayMarker());
// empty group
t_assert(edac->GetAllowedEntitiesForGroup(guest, allowed));
t_assert(!allowed.IsNull());
assertEqual(0L, allowed.GetSize());
// single group
t_assert(edac->GetAllowedEntitiesForGroup(user, allowed));
assertEqual(2L, allowed.GetSize());
t_assert(allowed.Contains("changePW"));
t_assert(allowed.Contains("resetPW"));
// group list
t_assert(edac->GetAllowedEntitiesForGroups(groups, allowed));
assertEqual(5L, allowed.GetSize());
t_assert(allowed.Contains("tv"));
t_assert(allowed.Contains("espressomachine"));
t_assert(!allowed.Contains("changePW"));
t_assert(edac->GetAllowedEntitiesForGroups(empty, allowed));
t_assert(!allowed.IsNull());
assertEqual(0L, allowed.GetSize());
// specific tests
t_assert(edac->IsAllowed(user, "resetPW"));
t_assert(edac->IsAllowed(coffee, "cookiejar"));
t_assert(!edac->IsAllowed(guest, "everything"));
// tests with unknown
t_assert(!edac->IsAllowed(unknown, "format c:"));
t_assert(!edac->GetAllowedEntitiesForGroup(unknown, allowed));
empty.Append(coffee);
empty.Append(unknown);
t_assert(!edac->GetAllowedEntitiesForGroups(empty, allowed));
}
}