crosvm: init at 77.0.3865.105

[ghost]

Motivation for this change

crosvm is a virtual machine monitor for KVM, taking a role similar to qemu, but aiming to be much more secure by virtue of omitting the emulation of devices and using a memory-safe programming language as well as isolation of different components via seccomp. It is mostly used on Chromium OS, but not limited to it.

Things done

• Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
• Built on platform(s)
  • NixOS
  • macOS
  • other Linux distributions
• Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
• Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
• Tested execution of all binary files (usually in ./result/bin/)
• Determined the impact on package closure size (by running nix path-info -S before and after)
• Assured whether relevant documentation is up to date
• Fits CONTRIBUTING.md.

---

[dtzWill]

Builds and was able to start running my current kernel (needed to extract vmlinux, even though it says wants bzImage?) which didn't get too far since no devices or disk :D.

[dtzWill]

R73:
dtzWill@5781a82

Although didn't test it beyond building and ensuring the crosvm tool runs.

Is this PR blocking on something? Any reservations about merging?

[ghost]

I haven't actually tested it any further than you in December because I got distracted before I could build one with the paravirtualized disk drivers, but in theory (we all know how that goes!) it should work.

[ghost]

Updated to version 75. It's now a bit more complex since it has a dependency on a library somewhere else in the Chromium repo and we don't want to check the whole thing out.

[ghost]

Before this is merged, I would like for the branch this is based on to turn stable and I would like to figure out how Chromium OS release candidates (tracked here) are turned into actual Chromium OS releases so I can match them.

[aanderse]

ping (triage)

[ghost]

This needs an updater script, some tests, and possibly some optional dependencies added.

EDIT: Update script provided by @alyssais! :D

[alyssais]

@hyperfekt where did the platform list come from?

[ghost]

@alyssais: That was just a function of crosvm requiring KVM (that's the linux part) and it shipping with seccomp policies for these two architectures.

[7c6f434c]

@hyperfekt the current version is ready for merge, right?

@alyssais is the CrosVM version you test in your SpectrumOS efforts the same as this PR?

[alyssais]

This is different to the crosvm expression in the Spectrum tree, because that one has improvements that depend on #74862 and #74863, as well as the shared updater for Chromium OS packages I haven't tried to upstream yet. This is fine to merge as is, I think. It's slightly out of date now, but it updates all the time, so let's just merge it anyway. Otherwise by the time we came round to it again after updating it would need to be updated again anyway.