| // Copyright 2022 The Fuchsia Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| { |
| include: [ |
| "inspect/client.shard.cml", |
| "syslog/client.shard.cml", |
| ], |
| program: { |
| runner: "elf", |
| binary: "bin/starnix_kernel", |
| job_policy_create_raw_processes: "true", |
| is_shared_process: "true", |
| use_next_vdso: "true", |
| lifecycle: { stop_event: "notify" }, |
| |
| // Needed because starnix depends on the usercopy crate which takes |
| // the job's exception channel to handle page faults. Normally the |
| // ELF runner takes the job's exception channel so we need to ask |
| // it to make sure the starnix process's immediate parent job has |
| // its exception channel available for taking. |
| job_with_available_exception_channel: "true", |
| |
| // The starnix kernel reports memory attribution information |
| // for the Starnix containers it runs, which in turn will report |
| // memory attribution information for their Linux processes. |
| memory_attribution: "true", |
| }, |
| capabilities: [ |
| { |
| runner: "starnix", |
| path: "/svc/fuchsia.starnix.container.Runner", |
| }, |
| { |
| protocol: [ |
| "fuchsia.component.runner.ComponentRunner", |
| "fuchsia.memory.attribution.Provider", |
| "fuchsia.starnix.container.Controller", |
| "fuchsia.starnix.container.Runner", |
| ], |
| }, |
| ], |
| use: [ |
| { protocol: "fuchsia.kernel.VmexResource" }, |
| { |
| protocol: [ |
| "fuchsia.cpu.profiler.Session", |
| |
| // Requires AIB starnix_runner_settable_utc_time. |
| "fuchsia.time.external.Adjust", |
| |
| // Only used in tests for injecting a custom UTC clock handle. |
| "fuchsia.time.Maintenance", |
| ], |
| availability: "optional", |
| }, |
| { |
| directory: "boot-kernel", |
| rights: [ "r*" ], |
| path: "/boot/kernel", |
| }, |
| { |
| // TODO(https://fxbug.dev/324273348): Remove this capability once the clients have |
| // been migrated to services. The service capability has been added below. |
| directory: "dev-gpu", |
| rights: [ "r*" ], |
| path: "/dev/class/gpu", |
| availability: "optional", |
| }, |
| { |
| directory: "dev-serial", |
| rights: [ "r*" ], |
| path: "/dev/class/serial", |
| availability: "optional", |
| }, |
| { |
| directory: "dev-temperature", |
| rights: [ "r*" ], |
| path: "/dev/class/temperature", |
| availability: "optional", |
| }, |
| { |
| directory: "dev-trippoint", |
| rights: [ "r*" ], |
| path: "/dev/class/trippoint", |
| availability: "optional", |
| }, |
| { |
| // This service replaces the directory capability above. |
| service: "fuchsia.gpu.magma.Service", |
| availability: "optional", |
| }, |
| { |
| service: "fuchsia.hardware.adb.Service", |
| from: "parent", |
| }, |
| { |
| service: "fuchsia.hardware.google.nanohub.DataChannelService", |
| from: "parent", |
| }, |
| { |
| service: "fuchsia.hardware.qcom.hvdcpopti.Service", |
| from: "parent", |
| availability: "optional", |
| }, |
| { |
| directory: "container_config", |
| from: "parent", |
| rights: [ "r*" ], |
| path: "/container_config", |
| availability: "optional", |
| }, |
| |
| // LINT.IfChange |
| { |
| config: "fuchsia.starnix.config.container.ExtraFeatures", |
| from: "parent", |
| key: "extra_features", |
| type: "vector", |
| element: { |
| type: "string", |
| max_size: 1024, |
| }, |
| max_count: 1024, |
| default: [], |
| availability: "transitional", |
| }, |
| |
| // LINT.ThenChange(//src/starnix/containers/container_config.shard.cml) |
| { |
| protocol: [ |
| "fuchsia.boot.Items", |
| "fuchsia.buildinfo.Provider", |
| "fuchsia.diagnostics.ArchiveAccessor", |
| "fuchsia.feedback.CrashReporter", |
| "fuchsia.feedback.LastRebootInfoProvider", |
| "fuchsia.hardware.backlight.Device", |
| "fuchsia.hardware.google.nanohub.Device", |
| "fuchsia.hardware.google.nanohub.DisplayDevice", |
| "fuchsia.hardware.power.statecontrol.Admin", |
| "fuchsia.hardware.qualcomm.fastrpc.SecureFastRpc", |
| "fuchsia.hardware.sockettunnel.Device", |
| "fuchsia.kernel.Stats", |
| "fuchsia.net.filter.Control", |
| "fuchsia.net.filter.SocketControl", |
| "fuchsia.net.interfaces.admin.Installer", |
| "fuchsia.net.interfaces.State", |
| "fuchsia.net.ndp.RouterAdvertisementOptionWatcherProvider", |
| "fuchsia.net.policy.socketproxy.StarnixNetworks", |
| "fuchsia.net.root.Interfaces", |
| "fuchsia.net.routes.admin.RouteTableProviderV4", |
| "fuchsia.net.routes.admin.RouteTableProviderV6", |
| "fuchsia.net.routes.admin.RouteTableV4", |
| "fuchsia.net.routes.admin.RouteTableV6", |
| "fuchsia.net.routes.admin.RuleTableV4", |
| "fuchsia.net.routes.admin.RuleTableV6", |
| "fuchsia.net.routes.StateV4", |
| "fuchsia.net.routes.StateV6", |
| "fuchsia.net.tun.Control", |
| "fuchsia.posix.socket.packet.Provider", |
| "fuchsia.posix.socket.Provider", |
| "fuchsia.posix.socket.raw.Provider", |
| "fuchsia.power.broker.Topology", |
| "fuchsia.power.suspend.Stats", |
| "fuchsia.power.system.ActivityGovernor", |
| "fuchsia.recovery.FactoryReset", |
| "fuchsia.scheduler.RoleManager", |
| "fuchsia.starnix.psi.PsiProvider", |
| "fuchsia.starnix.runner.Manager", |
| "fuchsia.sys2.BootController", |
| "fuchsia.sysinfo.SysInfo", |
| "fuchsia.sysmem.Allocator", |
| "fuchsia.sysmem2.Allocator", |
| "fuchsia.time.alarms.WakeAlarms", |
| "fuchsia.tracing.provider.Registry", |
| "fuchsia.ui.composition.Allocator", |
| "fuchsia.ui.composition.Flatland", |
| "fuchsia.ui.display.singleton.Info", |
| "fuchsia.ui.input3.Keyboard", |
| "fuchsia.ui.policy.DeviceListenerRegistry", |
| "fuchsia.ui.test.input.Registry", |
| "fuchsia.vulkan.loader.Loader", |
| "fuchsia.wlan.wlanix.Wlanix", |
| ], |
| from: "parent", |
| availability: "optional", |
| }, |
| ], |
| expose: [ |
| { |
| runner: "starnix", |
| from: "self", |
| }, |
| { |
| protocol: [ |
| "fuchsia.component.runner.ComponentRunner", |
| "fuchsia.memory.attribution.Provider", |
| "fuchsia.starnix.container.Controller", |
| "fuchsia.starnix.container.Runner", |
| ], |
| from: "self", |
| }, |
| { |
| protocol: "fuchsia.component.Binder", |
| from: "framework", |
| }, |
| ], |
| } |
