1// Copyright 2017 The Chromium OS Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5syntax = "proto3"; 6option optimize_for = LITE_RUNTIME; 7 8// This file defines messages used for starting, stopping, and managing VMs. 9package vm_tools.concierge; 10option go_package = "vm_concierge_proto"; 11 12// Specification of the key components of a VM. 13message VirtualMachineSpec { 14 // Path to the kernel that should be used for the VM. 15 string kernel = 1; 16 17 // Path to the disk image that should be used as the root file system for 18 // the VM. 19 string rootfs = 2; 20} 21 22// The type of disk image. 23enum DiskImageType { 24 // A raw file. 25 DISK_IMAGE_RAW = 0; 26 27 // A qcow2-compatible disk image. 28 DISK_IMAGE_QCOW2 = 1; 29} 30 31// Describes any additional disk images that should be mounted inside the VM. 32message DiskImage { 33 // Path to the disk image on the host. 34 string path = 1; 35 36 // Path where this disk image will be mounted inside the VM. 37 string mount_point = 2; 38 39 // The file system type for this disk image. 40 string fstype = 3; 41 42 // Any special flags to be used when mounting the file system. Specified the 43 // same way as in mount(2). 44 uint64 flags = 4; 45 46 // Any additional data associated with the mount. 47 string data = 5; 48 49 // If true, the disk image will be mounted writable. 50 bool writable = 6; 51 52 // If true, the disk image will be mounted. 53 bool do_mount = 7; 54 55 // Image type of the disk. 56 DiskImageType image_type = 8; 57} 58 59// Information about a particular VM. 60message VmInfo { 61 // The IPv4 address assigned to the VM, in network byte order. 62 fixed32 ipv4_address = 1; 63 64 // The process ID of the main crosvm process for the VM. 65 int32 pid = 2; 66 67 // The virtual socket context id assigned to the VM. 68 int64 cid = 3; 69 70 // The handle to a 9p server managed by the seneschal system service. Use 71 // this handle when making requests to that service to manage the files shared 72 // with this VM. 73 uint64 seneschal_server_handle = 4; 74} 75 76// Information that must be included with every StartVm dbus message. 77message StartVmRequest { 78 // The VM that should be started. This is ignored if starting a termina VM, 79 // which will always use the latest component from imageloader. 80 VirtualMachineSpec vm = 1; 81 82 // Any additional disks that should be mounted inside the VM. 83 repeated DiskImage disks = 2; 84 85 // Path to a shared directory that will be mounted via NFS inside the VM. 86 // DEPRECATED: The server never did anything with this field. Instead callers 87 // should use the |shared_dir_handle| field of the VmInfo message to get a 88 // server handle that can be used in requests to the seneschal system service. 89 string shared_directory = 3 [deprecated = true]; 90 91 // The human-readable name to be assigned to this VM. 92 string name = 4; 93 94 // If true, concierge should also perform termina-specific setup. 95 bool start_termina = 5; 96 97 // If true, a file descriptor must be passed along with the message and that 98 // file descriptor will be used for storage. 99 // Ignored unless |start_termina| is true. 100 bool use_fd_for_storage = 6; 101 102 // The owner of the vm. 103 string owner_id = 7; 104} 105 106enum VmStatus { 107 // Unknown status. 108 VM_STATUS_UNKNOWN = 0; 109 110 // The VM is already running. 111 VM_STATUS_RUNNING = 1; 112 113 // The VM is currently starting up. 114 VM_STATUS_STARTING = 2; 115 116 // The VM failed to startup. 117 VM_STATUS_FAILURE = 3; 118} 119 120// Information sent back by vm_concierge in response to a StartVm dbus message. 121message StartVmResponse { 122 // If true, the VM was started successfully. |vm_info| will have non-default 123 // values only if this is true. 124 bool success = 1; 125 126 // If the VM failed to start, the reason for the failure. 127 string failure_reason = 2; 128 129 // Information about the VM that was started, if successful. 130 VmInfo vm_info = 3; 131 132 // Status of the VM. If VM_STATUS_RUNNING, it is not necessary to wait for a 133 // TremplinStartedSignal before starting a container in the VM. 134 VmStatus status = 4; 135} 136 137// Information that must be included with every StopVm dbus message. 138message StopVmRequest { 139 // The name of the VM to be stopped. 140 string name = 1; 141 142 // The owner of the vm. 143 string owner_id = 2; 144} 145 146// Response sent back by vm_concierge when it receives a StopVm dbus message. 147message StopVmResponse { 148 // If true, the requested VM was stopped. 149 bool success = 1; 150 151 // The failure_reason if the requested VM could not be stopped. 152 string failure_reason = 2; 153} 154 155// Request for information about the VM. 156message GetVmInfoRequest { 157 // The name of the VM to query. 158 string name = 1; 159 160 // The owner of the vm. 161 string owner_id = 2; 162} 163 164// Response sent back by vm_concierge for a GetVmInfo dbus message. 165message GetVmInfoResponse { 166 // If true, the requested VM exists and info was returned. 167 bool success = 1; 168 169 // Information about the VM that was requested. 170 VmInfo vm_info = 2; 171} 172 173// The type of storage location for a disk image. 174enum StorageLocation { 175 // Subdirectory under /home/root/<id>/crosvm. 176 STORAGE_CRYPTOHOME_ROOT = 0; 177 178 // The user's Downloads directory, under /home/user/<id>/Downloads. 179 STORAGE_CRYPTOHOME_DOWNLOADS = 1; 180} 181 182enum DiskImageStatus { 183 // Unknown status. 184 DISK_STATUS_UNKNOWN = 0; 185 186 // The disk image was created. 187 DISK_STATUS_CREATED = 1; 188 189 // The disk already existed. 190 DISK_STATUS_EXISTS = 2; 191 192 // Unable to create the disk image. 193 DISK_STATUS_FAILED = 3; 194 195 // Specified Disk does not exist. 196 DISK_STATUS_DOES_NOT_EXIST = 4; 197 198 // The specified disk was destroyed. 199 DISK_STATUS_DESTROYED = 5; 200} 201 202// Request to concierge to create a disk image. 203message CreateDiskImageRequest { 204 // The cryptohome id for the user's encrypted storage. 205 string cryptohome_id = 1; 206 207 // The path to the disk image. This must be a relative path, and any 208 // directories must already exist. 209 string disk_path = 2; 210 211 // The logical size of the new disk image, in bytes. 212 uint64 disk_size = 3; 213 214 // The type of disk image to be created. 215 DiskImageType image_type = 4; 216 217 // The storage location for the disk image. 218 StorageLocation storage_location = 5; 219} 220 221// Response to a CreateDiskImageRequest. 222message CreateDiskImageResponse { 223 // If true, the disk image has been successfully created. 224 DiskImageStatus status = 1; 225 226 // The absolute path to the created disk image, if it was successfully 227 // created or already existed. 228 string disk_path = 2; 229 230 // The failure reason if the disk image could not be created or doesn't exist. 231 string failure_reason = 3; 232} 233 234// Request to concierge to destroy a disk image. 235message DestroyDiskImageRequest { 236 // The cryptohome id for the user's encrypted storage. 237 string cryptohome_id = 1; 238 239 // The path to the disk image. This must be a relative path. 240 string disk_path = 2; 241 242 // The storage location for the disk image. 243 StorageLocation storage_location = 3; 244} 245 246// Response to a DestroyDiskImageRequest. 247message DestroyDiskImageResponse { 248 // If DISK_STATUS_DESTROYED, the disk image has been successfully destroyed. 249 // If DISK_STATUS_DOES_NOT_EXIST, the disk image had already been removed. 250 DiskImageStatus status = 1; 251 252 // The failure reason if the disk image could not be destroyed or doesn't exist. 253 string failure_reason = 3; 254} 255 256// Request to concierge to export a disk image. 257// Must be accompanied by an FD. The contents of `disk_path` will be written to 258// the passed FD. 259message ExportDiskImageRequest { 260 // The cryptohome id for the user's encrypted storage. 261 string cryptohome_id = 1; 262 263 // The path to the disk image. This must be a relative path. 264 string disk_path = 2; 265} 266 267// Response to a ExportDiskImageRequest. 268message ExportDiskImageResponse { 269 // If DISK_STATUS_CREATED, the disk image has been successfully exported. 270 DiskImageStatus status = 1; 271 272 // The failure reason if the disk image could not be exported. 273 string failure_reason = 2; 274} 275 276// Request to list all VM disk images in the given storage area. 277message ListVmDisksRequest { 278 // The cryptohome id for the user's encrypted storage. 279 string cryptohome_id = 1; 280 281 // The storage location to check. 282 StorageLocation storage_location = 2; 283} 284 285// Response to ListVmDisks { 286message ListVmDisksResponse { 287 // If true, the images array is valid. 288 bool success = 1; 289 290 // List of disk images. 291 repeated string images = 2; 292 293 // The failure reason if the disks could not be listed. 294 string failure_reason = 3; 295 296 // The total size in bytes on disk of the disk images in the response. 297 uint64 total_size = 4; 298} 299 300// Message used in the signal for when a container has failed to start up. 301message ContainerStartedSignal { 302 // Name of the VM the container is in. 303 string vm_name = 1; 304 305 // Name of the container within the VM. 306 string container_name = 2; 307 308 // The owner of the vm and container. 309 string owner_id = 3; 310} 311 312// Request to start a specified container image within a VM. If the container 313// does not exist in the VM it will be created. Used with the StartContainer 314// D-Bus message into vm_concierge. 315message StartContainerRequest { 316 // Name of the VM to start the container in. 317 string vm_name = 1; 318 319 // Name of the container to start within the VM. If empty, the default 320 // container name will be used. 321 string container_name = 2; 322 323 // Username for the default user in the container. This is only used if the 324 // container has not been created yet. 325 string container_username = 3; 326 327 // Async mode is always used now. 328 bool async = 4 [deprecated=true]; 329 330 // The cryptohome id for the user's encrypted storage. This is used for SSH 331 // key storage. 332 string cryptohome_id = 5; 333} 334 335enum ContainerStatus { 336 // Unknown status. 337 CONTAINER_STATUS_UNKNOWN = 0; 338 339 // The container is already running. 340 CONTAINER_STATUS_RUNNING = 1; 341 342 // The container is currently starting up. 343 CONTAINER_STATUS_STARTING = 2; 344 345 // The container failed to startup. 346 CONTAINER_STATUS_FAILURE = 3; 347} 348 349// Response sent back by vm_concierge when it receives a StartContaienr D-Bus 350// message. 351message StartContainerResponse { 352 // Use the status field instead. 353 bool success = 1 [deprecated=true]; 354 355 // The failure_reason if the status is CONTAINER_STATUS_FAILURE. 356 string failure_reason = 2; 357 358 // The status of the container as a result of the StartContainer call. If the 359 // status is CONTAINER_STATUS_STARTING then a D-Bus signal will be sent to 360 // indicate whether success or failure occurred. The signal should be 361 // registered for before the StartContainer call is made because it may be 362 // sent before the call returns. 363 ContainerStatus status = 3; 364} 365 366// Request to get the SSH keys associated with the host and a specific 367// container for the GetContainerSshKeys call. These keys will be generated 368// when StartContainer is called the first time for a container, so this should 369// not be called until after that call is invoked. 370message ContainerSshKeysRequest { 371 // Name of the VM to target. 372 string vm_name = 1; 373 374 // Name of the container within the VM to target, if empty the default 375 // container name will be used. 376 string container_name = 2; 377 378 // The cryptohome id for the user's encrypted storage. 379 string cryptohome_id = 3; 380} 381 382// Response sent back by vm_concierge when it receives a GetContainerSshKeys 383// call. If either of the keys do not exist, the empty string will be set for 384// that value. 385message ContainerSshKeysResponse { 386 // Public key of the container for verification of it as a known host. This 387 // will be a single line string equivalent to the contents in the ssh-keygen 388 // generated file. 389 string container_public_key = 1; 390 391 // Private key for the host, counterpart to the public key which is stored in 392 // the container as an authorized host. This will be a multiline string that 393 // is equivalent to the contents in the ssh-keygen generated file. This will 394 // be the same for all VMs/containers. 395 string host_private_key = 2; 396 397 // The hostname of the container. 398 string hostname = 3; 399 400 // Public key of the host for verification of it as a known host. This 401 // will be a single line string equivalent to the contents in the ssh-keygen 402 // generated file. 403 string host_public_key = 4; 404 405 // Private key for the container, counterpart to the public key which is 406 // stored in the container. This will be a multiline string that 407 // is equivalent to the contents in the ssh-keygen generated file. This is 408 // unique for each container. 409 string container_private_key = 5; 410} 411