diff --git a/CMakeLists.txt b/CMakeLists.txt index cf25449..51443b0 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -68,6 +68,7 @@ pkg_check_modules(SDL2_IMAGE SDL2_image REQUIRED) pkg_check_modules(DBUS dbus-1 REQUIRED) pkg_check_modules(LXC lxc REQUIRED) pkg_check_modules(PROPERTIES_CPP properties-cpp REQUIRED) +pkg_check_modules(LIBSYSTEMD libsystemd REQUIRED) message(STATUS "LXC version: ${LXC_VERSION}") if (${LXC_VERSION} VERSION_LESS 3.0) @@ -75,18 +76,16 @@ if (${LXC_VERSION} VERSION_LESS 3.0) message(STATUS "Building with LXC 2.x compatibility support") endif() -option(ANBOX_ENABLE_WAYLAND "Enable wayland support" ON) -if (ANBOX_ENABLE_WAYLAND) +option(ENABLE_WAYLAND "Enable wayland support" ON) +if (ENABLE_WAYLAND) set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DWAYLAND_SUPPORT") endif() -pkg_check_modules(LIBSYSTEMD libsystemd REQUIRED) -# FIXME mir support is currently broken due to mir's API -# being broken with recent landings in Ubuntu 16.04 -# pkg_check_modules(MIRCLIENT mirclient) -# if (MIRCLIENT_FOUND) -# set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DMIR_SUPPORT") -# endif() +option(ENABLE_MIR "Enable mir support" OFF) +if (ENABLE_MIR) + pkg_check_modules(MIRCLIENT mirclient REQUIRED) + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DMIR_SUPPORT") +endif() set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DMESA_EGL_NO_X11_HEADERS") @@ -148,7 +147,7 @@ configure_file("${CMAKE_CURRENT_SOURCE_DIR}/cmake_uninstall.cmake.in" add_custom_target(uninstall "${CMAKE_COMMAND}" -P "${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake") -option(TOUCH_INPUT "Enable touch input support" OFF) -if (TOUCH_INPUT) +option(ENABLE_TOUCH_INPUT "Enable touch input support" OFF) +if (ENABLE_TOUCH_INPUT) set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DENABLE_TOUCH_INPUT") endif() diff --git a/scripts/container-manager.sh b/scripts/container-manager.sh index 06a11a4..12a4d31 100755 --- a/scripts/container-manager.sh +++ b/scripts/container-manager.sh @@ -70,6 +70,21 @@ start() { EXTRA_ARGS="$EXTRA_ARGS --privileged" fi + container_network_address=$(snapctl get container.network.address) + if [ -n "$container_network_address" ]; then + EXTRA_ARGS="$EXTRA_ARGS --container-network-address=$container_network_address" + fi + + container_network_gateway=$(snapctl get container.network.gateway) + if [ -n "$container_network_gateway" ]; then + EXTRA_ARGS="$EXTRA_ARGS --container-network-gateway=$container_network_gateway" + fi + + container_network_dns=$(snapctl get container.network.dns) + if [ -n "$container_network_dns" ]; then + EXTRA_ARGS="$EXTRA_ARGS --container-network-dns-servers=$container_network_dns" + fi + exec "$SNAP"/bin/anbox-wrapper.sh container-manager \ --data-path="$DATA_PATH" \ --android-image="$ANDROID_IMG" \ diff --git a/src/anbox/cmds/check_features.cpp b/src/anbox/cmds/check_features.cpp index 5d1be32..309d59f 100644 --- a/src/anbox/cmds/check_features.cpp +++ b/src/anbox/cmds/check_features.cpp @@ -27,9 +27,15 @@ std::vector cpu_whitelist = { // when started with `-cpu qemu64,+ssse3,+sse4.1,+sse4.2,+x2apic` "QEMU", - // Intel Core i7 M620 does not support AVX which causes cpu_features to not - // detect SSE and friends correctly + // The following CPUs do not support AVX and without it cpu_features can't detect + // if SSE & friends are supported. See https://github.com/google/cpu_features/issues/4 + + // Intel Core i7 M620 "M 620", + // Intel Core i5 M460 + "M 460", + // Intel Celeron N2840 + "N2840", }; } // namespace diff --git a/src/anbox/cmds/container_manager.cpp b/src/anbox/cmds/container_manager.cpp index da6b924..307001d 100644 --- a/src/anbox/cmds/container_manager.cpp +++ b/src/anbox/cmds/container_manager.cpp @@ -55,6 +55,15 @@ anbox::cmds::ContainerManager::ContainerManager() flag(cli::make_flag(cli::Name{"use-rootfs-overlay"}, cli::Description{"Use an overlay for the Android rootfs"}, enable_rootfs_overlay_)); + flag(cli::make_flag(cli::Name{"container-network-address"}, + cli::Description{"Assign the specified network address to the Android container"}, + container_network_address_)); + flag(cli::make_flag(cli::Name{"container-network-gateway"}, + cli::Description{"Assign the specified network gateway to the Android container"}, + container_network_gateway_)); + flag(cli::make_flag(cli::Name{"container-network-dns-servers"}, + cli::Description{"Assign the specified DNS servers to the Android container"}, + container_network_dns_servers_)); action([&](const cli::Command::Context&) { try { @@ -93,6 +102,12 @@ anbox::cmds::ContainerManager::ContainerManager() container::Service::Configuration config; config.privileged = privileged_; config.rootfs_overlay = enable_rootfs_overlay_; + config.container_network_address = container_network_address_; + config.container_network_gateway = container_network_gateway_; + + if (container_network_dns_servers_.length() > 0) + config.container_network_dns_servers = utils::string_split(container_network_dns_servers_, ','); + auto service = container::Service::create(rt, config); rt->start(); diff --git a/src/anbox/cmds/container_manager.h b/src/anbox/cmds/container_manager.h index 8532147..4fb151a 100644 --- a/src/anbox/cmds/container_manager.h +++ b/src/anbox/cmds/container_manager.h @@ -45,6 +45,9 @@ class ContainerManager : public cli::CommandWithFlagsAndAction { bool privileged_ = false; bool daemon_ = false; bool enable_rootfs_overlay_ = false; + std::string container_network_address_; + std::string container_network_gateway_; + std::string container_network_dns_servers_; }; } // namespace cmds } // namespace anbox diff --git a/src/anbox/container/lxc_container.cpp b/src/anbox/container/lxc_container.cpp index e3be6c1..6ab8c26 100644 --- a/src/anbox/container/lxc_container.cpp +++ b/src/anbox/container/lxc_container.cpp @@ -88,11 +88,19 @@ constexpr int device_minor(__dev_t dev) { namespace anbox { namespace container { -LxcContainer::LxcContainer(bool privileged, bool rootfs_overlay, const network::Credentials &creds) +LxcContainer::LxcContainer(bool privileged, + bool rootfs_overlay, + const std::string& container_network_address, + const std::string &container_network_gateway, + const std::vector &container_network_dns_servers, + const network::Credentials &creds) : state_(State::inactive), container_(nullptr), privileged_(privileged), rootfs_overlay_(rootfs_overlay), + container_network_address_(container_network_address), + container_network_gateway_(container_network_gateway), + container_network_dns_servers_(container_network_dns_servers), creds_(creds) { utils::ensure_paths({ SystemConfiguration::instance().container_config_dir(), @@ -145,9 +153,22 @@ void LxcContainer::setup_network() { android::IpConfigBuilder ip_conf; ip_conf.set_version(android::IpConfigBuilder::Version::Version2); ip_conf.set_assignment(android::IpConfigBuilder::Assignment::Static); - ip_conf.set_link_address(default_container_ip_address, default_container_ip_prefix_length); + + std::string address = default_container_ip_address; + if (!container_network_address_.empty()) + address = container_network_address_; + ip_conf.set_link_address(address, default_container_ip_prefix_length); + + std::string gateway = default_host_ip_address; + if (!container_network_gateway_.empty()) + gateway = container_network_gateway_; ip_conf.set_gateway(default_host_ip_address); - ip_conf.set_dns_servers({default_dns_server}); + + if (container_network_dns_servers_.size() > 0) + ip_conf.set_dns_servers(container_network_dns_servers_); + else + ip_conf.set_dns_servers({default_dns_server}); + ip_conf.set_id(0); std::vector buffer(512); diff --git a/src/anbox/container/lxc_container.h b/src/anbox/container/lxc_container.h index 4871014..2fa159d 100644 --- a/src/anbox/container/lxc_container.h +++ b/src/anbox/container/lxc_container.h @@ -22,6 +22,7 @@ #include "anbox/network/credentials.h" #include +#include #include @@ -29,7 +30,12 @@ namespace anbox { namespace container { class LxcContainer : public Container { public: - LxcContainer(bool privileged, bool rootfs_overlay, const network::Credentials &creds); + LxcContainer(bool privileged, + bool rootfs_overlay, + const std::string &container_network_address, + const std::string &container_network_gateway, + const std::vector &container_network_dns_servers, + const network::Credentials &creds); ~LxcContainer(); void start(const Configuration &configuration) override; @@ -46,6 +52,9 @@ class LxcContainer : public Container { lxc_container *container_; bool privileged_; bool rootfs_overlay_; + std::string container_network_address_; + std::string container_network_gateway_; + std::vector container_network_dns_servers_; network::Credentials creds_; }; } // namespace container diff --git a/src/anbox/container/service.cpp b/src/anbox/container/service.cpp index 2c192fb..71cc6e3 100644 --- a/src/anbox/container/service.cpp +++ b/src/anbox/container/service.cpp @@ -86,7 +86,12 @@ void Service::new_client(std::shared_ptr(); auto rpc_channel = std::make_shared(pending_calls, messenger); auto server = std::make_shared( - pending_calls, std::make_shared(config_.privileged, config_.rootfs_overlay, messenger->creds())); + pending_calls, std::make_shared(config_.privileged, + config_.rootfs_overlay, + config_.container_network_address, + config_.container_network_gateway, + config_.container_network_dns_servers, + messenger->creds())); auto processor = std::make_shared( messenger, pending_calls, server); diff --git a/src/anbox/container/service.h b/src/anbox/container/service.h index d58b455..37450d1 100644 --- a/src/anbox/container/service.h +++ b/src/anbox/container/service.h @@ -33,6 +33,9 @@ class Service : public std::enable_shared_from_this { struct Configuration { bool privileged = false; bool rootfs_overlay = true; + std::string container_network_address; + std::string container_network_gateway; + std::vector container_network_dns_servers; }; static std::shared_ptr create(const std::shared_ptr &rt,