[roll] Roll fuchsia [virtualization] Use VmexResource instead of ambient vmex We'd like to remove all calls to replace_as_executable that do not provide a valid VMEX resource, so that we can remove the deprecated-ambient-replace-as-executable job policy in favor of explicitly-routed services for accessing that functionality. To that end, this patchset: * adds code to obtain a VmexResource from the `fuchsia.kernel.VmexResource` service * replaces the VMM's reliance on ambient replace-as-exec with code that obtains a VmexResource and then passes that resource along when making the replace_as_executable syscall. * removes the `deprecated-ambient-replace-as-executable` feature from the vmm's sandbox and adds the `fuchsia.kernel.VmexResource` service to that sandbox. * adds the VmexResource service to the EnclosedGuest sandbox for tests * adds `fuchsia.kernel.VmexResource` to various tests that rely on netemul-sandbox * adds all virtualization-related components to appmgr's vmex resource allowlist, so that this will still be permitted by policy Original-Fixed: 47398 Original-Reviewed-on: https://fuchsia-review.googlesource.com/c/fuchsia/+/485740 Original-Revision: 5cb5c6b49c7224db174d16b678ac3b0fae4127dc GitOrigin-RevId: 967b2f36a2b6d3e54f381dc31322ebc1239e2e19 Change-Id: Ia1e3ed9667e30e8061b8f5c72ef6d0033585089b
This repository contains Fuchsia's Global Integration manifest files.
All changes should be made to the internal version of this repository. Our infrastructure automatically updates this version when the internal one changes.
Currently all changes must be made by a Google employee. Non-Google employees wishing to make a change can ask for assistance via the IRC channel #fuchsia on Freenode.
First install Jiri.
Next run:
$ jiri init $ jiri import minimal https://fuchsia.googlesource.com/integration $ jiri update
Third party projects should have their own subdirectory in ./third_party.