bux-krun 0.1.4

Raw FFI bindings to libkrun — lightweight VM engine for sandboxed code execution
/* automatically generated by rust-bindgen 0.72.1 */

// --- Logging (arguments of `krun_init_log` / `krun_set_log_level`) ---------

// Selects the default log target, which the `krun_init_log` docs give as stderr.
pub const KRUN_LOG_TARGET_DEFAULT: i32 = -1;

// Verbosity levels; a higher number means a more verbose log.
pub const KRUN_LOG_LEVEL_OFF: u32 = 0;
pub const KRUN_LOG_LEVEL_ERROR: u32 = 1;
pub const KRUN_LOG_LEVEL_WARN: u32 = 2;
pub const KRUN_LOG_LEVEL_INFO: u32 = 3;
pub const KRUN_LOG_LEVEL_DEBUG: u32 = 4;
pub const KRUN_LOG_LEVEL_TRACE: u32 = 5;

// Use of terminal escape sequences (colours) in log output.
pub const KRUN_LOG_STYLE_AUTO: u32 = 0;
pub const KRUN_LOG_STYLE_ALWAYS: u32 = 1;
pub const KRUN_LOG_STYLE_NEVER: u32 = 2;

// Option bit for `krun_init_log`: disallow environment variables from overriding the
// settings passed in the call.
pub const KRUN_LOG_OPTION_NO_ENV: u32 = 1 << 0;

// --- Block devices ----------------------------------------------------------

// `disk_format` values for `krun_add_disk2` / `krun_add_disk3`. Per the security note on
// `krun_add_disk2`, non-Raw images can reference other host files that libkrun will open
// for the guest, so the format must come from trusted knowledge, not from probing the image.
// NOTE(review): the `krun_add_disk2` docs list only RAW and QCOW2 as supported; VMDK
// support is not described in the visible docs — confirm before relying on it.
pub const KRUN_DISK_FORMAT_RAW: u32 = 0;
pub const KRUN_DISK_FORMAT_QCOW2: u32 = 1;
pub const KRUN_DISK_FORMAT_VMDK: u32 = 2;

// Presumably the `sync_mode` values of `krun_add_disk3` — confirm against libkrun.h.
pub const KRUN_SYNC_NONE: u32 = 0;
pub const KRUN_SYNC_RELAXED: u32 = 1;
pub const KRUN_SYNC_FULL: u32 = 2;

// --- Networking -------------------------------------------------------------

// `flags` bit for `krun_add_net_unixgram` when gvproxy runs in vfkit mode.
pub const NET_FLAG_VFKIT: u32 = 1 << 0;

// TSI hijack selectors; the function that consumes them is not declared in this part
// of the file.
pub const KRUN_TSI_HIJACK_INET: u32 = 1 << 0;
pub const KRUN_TSI_HIJACK_UNIX: u32 = 1 << 1;

// virtio-net feature bits for the `features` argument of the `krun_add_net_*` calls.
pub const NET_FEATURE_CSUM: u32 = 1 << 0;
pub const NET_FEATURE_GUEST_CSUM: u32 = 1 << 1;
pub const NET_FEATURE_GUEST_TSO4: u32 = 1 << 7;
pub const NET_FEATURE_GUEST_TSO6: u32 = 1 << 8;
pub const NET_FEATURE_GUEST_UFO: u32 = 1 << 10;
pub const NET_FEATURE_HOST_TSO4: u32 = 1 << 11;
pub const NET_FEATURE_HOST_TSO6: u32 = 1 << 12;
pub const NET_FEATURE_HOST_UFO: u32 = 1 << 14;

// 19587: every feature bit above except the two TSO6 ones.
pub const COMPAT_NET_FEATURES: u32 = NET_FEATURE_CSUM
    | NET_FEATURE_GUEST_CSUM
    | NET_FEATURE_GUEST_TSO4
    | NET_FEATURE_GUEST_UFO
    | NET_FEATURE_HOST_TSO4
    | NET_FEATURE_HOST_UFO;

// --- GPU / display ----------------------------------------------------------

// Flags forwarded to virglrenderer through `virgl_flags` (`krun_set_gpu_options*`).
pub const VIRGLRENDERER_USE_EGL: u32 = 1 << 0;
pub const VIRGLRENDERER_THREAD_SYNC: u32 = 1 << 1;
pub const VIRGLRENDERER_USE_GLX: u32 = 1 << 2;
pub const VIRGLRENDERER_USE_SURFACELESS: u32 = 1 << 3;
pub const VIRGLRENDERER_USE_GLES: u32 = 1 << 4;
pub const VIRGLRENDERER_USE_EXTERNAL_BLOB: u32 = 1 << 5;
pub const VIRGLRENDERER_VENUS: u32 = 1 << 6;
pub const VIRGLRENDERER_NO_VIRGL: u32 = 1 << 7;
pub const VIRGLRENDERER_USE_ASYNC_FENCE_CB: u32 = 1 << 8;
pub const VIRGLRENDERER_RENDER_SERVER: u32 = 1 << 9;
pub const VIRGLRENDERER_DRM: u32 = 1 << 10;

// Display IDs range from 0 to KRUN_MAX_DISPLAYS - 1.
pub const KRUN_MAX_DISPLAYS: u32 = 16;

// --- Kernel image formats (presumably `kernel_format` of `krun_set_kernel`) -
pub const KRUN_KERNEL_FORMAT_RAW: u32 = 0;
pub const KRUN_KERNEL_FORMAT_ELF: u32 = 1;
pub const KRUN_KERNEL_FORMAT_PE_GZ: u32 = 2;
pub const KRUN_KERNEL_FORMAT_IMAGE_BZ2: u32 = 3;
pub const KRUN_KERNEL_FORMAT_IMAGE_GZ: u32 = 4;
pub const KRUN_KERNEL_FORMAT_IMAGE_ZSTD: u32 = 5;

// --- Feature identifiers ----------------------------------------------------
// Sequential IDs, not bit flags; the call that takes them is not declared in this part
// of the file.
pub const KRUN_FEATURE_NET: u32 = 0;
pub const KRUN_FEATURE_BLK: u32 = 1;
pub const KRUN_FEATURE_GPU: u32 = 2;
pub const KRUN_FEATURE_SND: u32 = 3;
pub const KRUN_FEATURE_INPUT: u32 = 4;
pub const KRUN_FEATURE_EFI: u32 = 5;
pub const KRUN_FEATURE_TEE: u32 = 6;
pub const KRUN_FEATURE_AMD_SEV: u32 = 7;
pub const KRUN_FEATURE_INTEL_TDX: u32 = 8;
pub const KRUN_FEATURE_AWS_NITRO: u32 = 9;
pub const KRUN_FEATURE_VIRGL_RESOURCE_MAP2: u32 = 10;

// --- C user/group ID aliases, both backed by C `unsigned int` ----------------
pub type __uid_t = ::core::ffi::c_uint;
pub type __gid_t = ::core::ffi::c_uint;
pub type uid_t = __uid_t;
pub type gid_t = __gid_t;
unsafe extern "C" {
    /// Sets the log level for the library.
    ///
    /// # Arguments
    /// * `level` - one of `0` (Off), `1` (Error), `2` (Warn), `3` (Info), `4` (Debug),
    ///   `5` (Trace).
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_set_log_level(level: u32) -> i32;
}
unsafe extern "C" {
    /// Initializes logging for the library.
    ///
    /// # Arguments
    /// * `target_fd` - file descriptor to write the log to. A descriptor pointing to a
    ///   regular file on a filesystem might slow down the VM. Use
    ///   `KRUN_LOG_TARGET_DEFAULT` for the default log target (stderr).
    /// * `level` - verbosity; a higher number means a more verbose log. One of
    ///   `KRUN_LOG_LEVEL_{OFF, ERROR, WARN, INFO, DEBUG, TRACE}`.
    /// * `style` - enables/disables terminal escape sequences (colors). One of
    ///   `KRUN_LOG_STYLE_{AUTO, ALWAYS, NEVER}`.
    /// * `options` - bitmask of logging options; `0` selects the defaults.
    ///   `KRUN_LOG_OPTION_NO_ENV` disallows environment variables from overriding these
    ///   settings.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    // NOTE(review): without KRUN_LOG_OPTION_NO_ENV the process environment can override
    // the level chosen here, so set the bit when the embedding process does not control
    // its own environment.
    pub fn krun_init_log(
        target_fd: ::core::ffi::c_int,
        level: u32,
        style: u32,
        options: u32,
    ) -> i32;
}
unsafe extern "C" {
    /// Creates a configuration context.
    ///
    /// # Returns
    /// The context ID on success or a negative error number on failure.
    // NOTE(review): the result is `i32` while every other call takes `ctx_id: u32`. Check
    // for a negative value before converting; a plain `as u32` cast would turn an error
    // code into a large, bogus context ID.
    pub fn krun_create_ctx() -> i32;
}
unsafe extern "C" {
    /// Frees an existing configuration context.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_free_ctx(ctx_id: u32) -> i32;
}
unsafe extern "C" {
    /// Sets the basic configuration parameters for the microVM.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `num_vcpus` - the number of vCPUs.
    /// * `ram_mib` - the amount of RAM in MiB.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_set_vm_config(ctx_id: u32, num_vcpus: u8, ram_mib: u32) -> i32;
}
unsafe extern "C" {
    /// Sets the path to be used as root for the microVM. Not available in libkrun-SEV.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `root_path` - a null-terminated string representing the path to be used as root.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `root_path` must point to a valid null-terminated C string for the duration of
    /// the call.
    pub fn krun_set_root(ctx_id: u32, root_path: *const ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    /// DEPRECATED. Use `krun_add_disk` instead.
    ///
    /// Sets the path to the disk image that contains the file-system to be used as root
    /// for the microVM. The only supported image format is "raw".
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `disk_path` - a null-terminated string representing the path leading to the
    ///   disk image that contains the root file-system.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `disk_path` must point to a valid null-terminated C string.
    pub fn krun_set_root_disk(ctx_id: u32, disk_path: *const ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    /// DEPRECATED. Use `krun_add_disk` instead.
    ///
    /// Sets the path to the disk image that contains the file-system to be used as a
    /// data partition for the microVM. The only supported image format is "raw".
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `disk_path` - a null-terminated string representing the path leading to the
    ///   disk image that contains the root file-system.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `disk_path` must point to a valid null-terminated C string.
    // NOTE(review): the upstream text describes `disk_path` as holding the "root
    // file-system" although this call configures the data partition — presumably carried
    // over from krun_set_root_disk.
    pub fn krun_set_data_disk(ctx_id: u32, disk_path: *const ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    /// Adds a disk image to be used as a general partition for the microVM. The only
    /// supported image format is "raw".
    ///
    /// This API is mutually exclusive with the deprecated `krun_set_root_disk` and
    /// `krun_set_data_disk` methods and must not be used together.
    ///
    /// This function deliberately only handles images in the Raw format, because it
    /// doesn't allow specifying an image format, and probing an image's format is
    /// dangerous. For more information, see the security note on `krun_add_disk2`, which
    /// allows opening non-Raw images.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `block_id` - a null-terminated string representing the partition.
    /// * `disk_path` - a null-terminated string representing the path leading to the
    ///   disk image.
    /// * `read_only` - whether the mount should be read-only. Required if the caller
    ///   does not have write permissions (for disk images in /usr/share).
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `block_id` and `disk_path` must point to valid null-terminated C strings.
    pub fn krun_add_disk(
        ctx_id: u32,
        block_id: *const ::core::ffi::c_char,
        disk_path: *const ::core::ffi::c_char,
        read_only: bool,
    ) -> i32;
}
unsafe extern "C" {
    /// Adds a disk image to be used as a general partition for the microVM. The
    /// supported image formats are: "raw" and "qcow2".
    ///
    /// This API is mutually exclusive with the deprecated `krun_set_root_disk` and
    /// `krun_set_data_disk` methods and must not be used together.
    ///
    /// # Security note
    /// Non-Raw images can reference other files, which libkrun will automatically open,
    /// and to which the guest will have access. Libkrun should therefore never be asked
    /// to open an image in a non-Raw format when it doesn't come from a fully trustworthy
    /// source.
    ///
    /// Consequently, probing an image's format is quite dangerous and to be avoided if at
    /// all possible, which is why libkrun provides no facilities for doing so. If it's not
    /// clear what format an image has, it may also not be clear whether it can be trusted
    /// to not reference files to which the guest shouldn't have access.
    ///
    /// If probing absolutely can't be avoided, it must only be done on images that are
    /// fully trusted, i.e. before a potentially untrusted guest had write access to it.
    /// Specifically, consider that a guest has full access to all of a Raw image, and can
    /// therefore turn it into a file in an arbitrary format, for example, into a Qcow2
    /// image, referencing and granting a malicious guest access to arbitrary files. To
    /// hand a Raw image to an untrusted and potentially malicious guest, and then to
    /// re-probe it after the guest was able to write to it (when it can no longer be
    /// trusted), would therefore be a severe security vulnerability.
    ///
    /// Therefore, after having probed a yet fully trusted image once, the result must be
    /// remembered so the image will from then on always be opened in the format that was
    /// detected originally. When adhering to this, a guest can write anything they want to
    /// a Raw image, it's always going to be opened as a Raw image, preventing the security
    /// vulnerability outlined above.
    ///
    /// However, if at all possible, the image format should be explicitly selected based
    /// on knowledge obtained separately from the pure image data, for example by the user.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `block_id` - a null-terminated string representing the partition.
    /// * `disk_path` - a null-terminated string representing the path leading to the
    ///   disk image.
    /// * `disk_format` - the disk image format (i.e. `KRUN_DISK_FORMAT_{RAW, QCOW2}`).
    /// * `read_only` - whether the mount should be read-only. Required if the caller
    ///   does not have write permissions (for disk images in /usr/share).
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `block_id` and `disk_path` must point to valid null-terminated C strings.
    // NOTE(review): for a safe wrapper this means `disk_format` should be taken from
    // configuration recorded while the image was still trusted, never re-derived from the
    // image bytes after a guest has had write access to it.
    pub fn krun_add_disk2(
        ctx_id: u32,
        block_id: *const ::core::ffi::c_char,
        disk_path: *const ::core::ffi::c_char,
        disk_format: u32,
        read_only: bool,
    ) -> i32;
}
unsafe extern "C" {
    /// Adds a disk image to be used as a general partition for the microVM.
    ///
    /// This API is mutually exclusive with the deprecated `krun_set_root_disk` and
    /// `krun_set_data_disk` methods and must not be used together.
    ///
    /// # Security note
    /// See the security note for `krun_add_disk2`.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `block_id` - a null-terminated string representing the partition.
    /// * `disk_path` - a null-terminated string representing the path leading to the
    ///   disk image.
    /// * `disk_format` - the disk image format (i.e. `KRUN_DISK_FORMAT_{RAW, QCOW2}`).
    /// * `read_only` - whether the mount should be read-only. Required if the caller
    ///   does not have write permissions (for disk images in /usr/share).
    /// * `direct_io` - whether to bypass the host caches.
    /// * `sync_mode` - whether to enable VIRTIO_BLK_F_FLUSH. On macOS, an additional
    ///   relaxed sync mode is available, which is enabled by default, and will not ask
    ///   the drive to flush its buffered data.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `block_id` and `disk_path` must point to valid null-terminated C strings.
    // NOTE(review): `sync_mode` presumably takes the KRUN_SYNC_{NONE, RELAXED, FULL}
    // constants defined in this file — confirm against libkrun.h.
    pub fn krun_add_disk3(
        ctx_id: u32,
        block_id: *const ::core::ffi::c_char,
        disk_path: *const ::core::ffi::c_char,
        disk_format: u32,
        read_only: bool,
        direct_io: bool,
        sync_mode: u32,
    ) -> i32;
}
unsafe extern "C" {
    /// NO LONGER SUPPORTED. DO NOT USE.
    ///
    /// Configures the mapped volumes for the microVM. Only supported on macOS, on Linux
    /// use user_namespaces and bind-mounts instead. Not available in libkrun-SEV.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `mapped_volumes` - an array of string pointers with format
    ///   "host_path:guest_path" representing the volumes to be mapped inside the microVM.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_set_mapped_volumes(
        ctx_id: u32,
        mapped_volumes: *const *const ::core::ffi::c_char,
    ) -> i32;
}
unsafe extern "C" {
    /// Adds an independent virtio-fs device pointing to a host's directory with a tag.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `c_tag` - tag to identify the filesystem in the guest.
    /// * `c_path` - full path to the directory in the host to be exposed to the guest.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `c_tag` and `c_path` must point to valid null-terminated C strings (presumably —
    /// the upstream text does not spell out the termination; confirm against libkrun.h).
    // NOTE(review): this signature has no read-only switch and the docs do not say which
    // access the guest gets, so treat everything under `c_path` as guest-accessible and
    // share only a directory dedicated to that guest.
    pub fn krun_add_virtiofs(
        ctx_id: u32,
        c_tag: *const ::core::ffi::c_char,
        c_path: *const ::core::ffi::c_char,
    ) -> i32;
}
unsafe extern "C" {
    /// Adds an independent virtio-fs device pointing to a host's directory with a tag.
    /// This variant allows specifying the size of the DAX window.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `c_tag` - tag to identify the filesystem in the guest.
    /// * `c_path` - full path to the directory in the host to be exposed to the guest.
    /// * `shm_size` - size of the DAX SHM window in bytes.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `c_tag` and `c_path` must point to valid null-terminated C strings (presumably —
    /// the upstream text does not spell out the termination; confirm against libkrun.h).
    // NOTE(review): as with krun_add_virtiofs, no read-only switch is visible in this
    // signature; treat everything under `c_path` as guest-accessible.
    pub fn krun_add_virtiofs2(
        ctx_id: u32,
        c_tag: *const ::core::ffi::c_char,
        c_path: *const ::core::ffi::c_char,
        shm_size: u64,
    ) -> i32;
}
unsafe extern "C" {
    /// Adds an independent virtio-net device connected to a unixstream-based userspace
    /// network proxy, such as passt or socket_vmnet.
    ///
    /// The `krun_add_net_*` functions can be called multiple times for adding multiple
    /// virtio-net devices. In the guest the interfaces will appear in the same order as
    /// they are added (that is, the first added interface will be "eth0", the second
    /// "eth1"...).
    ///
    /// If no network interface is added, libkrun will automatically enable the TSI
    /// backend.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `c_path` - a null-terminated string representing the path for the unixstream
    ///   socket where the userspace network proxy is listening. Must be NULL if `fd` is
    ///   not -1.
    /// * `fd` - a file descriptor for an already open unixstream connection to the
    ///   userspace network proxy. Must be -1 if `c_path` is not NULL.
    /// * `c_mac` - MAC address as an array of 6 `uint8_t` entries.
    /// * `features` - virtio-net features for the network interface.
    /// * `flags` - generic flags for the network interface.
    ///
    /// # Notes
    /// The arguments `c_path` and `fd` are mutually exclusive. If using `fd`, the socket
    /// must be already initialized and configured as the userspace network proxy
    /// requires. If no network devices are added, networking uses the TSI backend. This
    /// function should be called before `krun_set_port_map`.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `c_path`, when not NULL, must be a valid null-terminated C string, and `c_mac`
    /// must point to at least 6 readable bytes.
    pub fn krun_add_net_unixstream(
        ctx_id: u32,
        c_path: *const ::core::ffi::c_char,
        fd: ::core::ffi::c_int,
        c_mac: *mut u8,
        features: u32,
        flags: u32,
    ) -> i32;
}
unsafe extern "C" {
    /// Adds an independent virtio-net device with a unixgram-based backend, such as
    /// gvproxy or vmnet-helper.
    ///
    /// The `krun_add_net_*` functions can be called multiple times for adding multiple
    /// virtio-net devices. In the guest the interfaces will appear in the same order as
    /// they are added (that is, the first added interface will be "eth0", the second
    /// "eth1"...).
    ///
    /// If no network interface is added, libkrun will automatically enable the TSI
    /// backend.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `c_path` - a null-terminated string representing the path for the unixstream
    ///   socket where the userspace network proxy is listening. Must be NULL if `fd` is
    ///   not -1.
    /// * `fd` - a file descriptor for an already open unixstream connection to the
    ///   userspace network proxy. Must be -1 if `c_path` is not NULL.
    /// * `c_mac` - MAC address as an array of 6 `uint8_t` entries.
    /// * `features` - virtio-net features for the network interface.
    /// * `flags` - generic flags for the network interface.
    ///
    /// # Notes
    /// The arguments `c_path` and `fd` are mutually exclusive. If using `fd`, the socket
    /// must be already initialized and configured as the userspace network proxy
    /// requires. If no network devices are added, networking uses the TSI backend. This
    /// function should be called before `krun_set_port_map`. If using gvproxy in vfkit
    /// mode, `NET_FLAG_VFKIT` must be passed in `flags` when using `c_path` to indicate
    /// the connection endpoint.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `c_path`, when not NULL, must be a valid null-terminated C string, and `c_mac`
    /// must point to at least 6 readable bytes.
    // NOTE(review): the upstream argument text says "unixstream" for `c_path` and `fd`
    // although this is the unixgram variant — presumably carried over from
    // krun_add_net_unixstream; confirm against libkrun.h.
    pub fn krun_add_net_unixgram(
        ctx_id: u32,
        c_path: *const ::core::ffi::c_char,
        fd: ::core::ffi::c_int,
        c_mac: *mut u8,
        features: u32,
        flags: u32,
    ) -> i32;
}
unsafe extern "C" {
    /// Adds an independent virtio-net device with the tap backend. Call to this function
    /// disables TSI backend.
    ///
    /// The `krun_add_net_*` functions can be called multiple times for adding multiple
    /// virtio-net devices. In the guest the interfaces will appear in the same order as
    /// they are added (that is, the first added interface will be "eth0", the second
    /// "eth1"...).
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `c_tap_name` - a null-terminated string representing the tap device name.
    /// * `c_mac` - MAC address as an array of 6 `uint8_t` entries.
    /// * `features` - virtio-net features for the network interface.
    /// * `flags` - generic flags for the network interface.
    ///
    /// # Notes
    /// If no network devices are added, networking uses the TSI backend. This function
    /// should be called before `krun_set_port_map`.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `c_tap_name` must be a valid null-terminated C string and `c_mac` must point to
    /// at least 6 readable bytes.
    // NOTE(review): `c_tap_name` is declared `*mut`; the docs do not say whether libkrun
    // writes through it, so pass a buffer the caller owns rather than a shared literal.
    pub fn krun_add_net_tap(
        ctx_id: u32,
        c_tap_name: *mut ::core::ffi::c_char,
        c_mac: *mut u8,
        features: u32,
        flags: u32,
    ) -> i32;
}
unsafe extern "C" {
    /// DEPRECATED. Use `krun_add_net_unixstream` instead.
    ///
    /// Configures the networking to use passt. Call to this function disables TSI
    /// backend to use passt instead.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `fd` - a file descriptor to communicate with passt.
    ///
    /// # Notes
    /// If you never call this function, networking uses the TSI backend. This function
    /// should be called before `krun_set_port_map`.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_set_passt_fd(ctx_id: u32, fd: ::core::ffi::c_int) -> i32;
}
unsafe extern "C" {
    /// DEPRECATED. Use `krun_add_net_unixgram` instead.
    ///
    /// Configures the networking to use gvproxy in vfkit mode. Call to this function
    /// disables TSI backend to use gvproxy instead.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `c_path` - a null-terminated string representing the path for gvproxy's
    ///   listen-vfkit unixdgram socket.
    ///
    /// # Notes
    /// If you never call this function, networking uses the TSI backend. This function
    /// should be called before `krun_set_port_map`.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `c_path` must point to a valid null-terminated C string.
    pub fn krun_set_gvproxy_path(ctx_id: u32, c_path: *mut ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    /// Sets the MAC address for the virtio-net device when using the passt backend.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `c_mac` - MAC address as an array of 6 `uint8_t` entries (the upstream text
    ///   names this argument "mac").
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `c_mac` must point to at least 6 readable bytes.
    pub fn krun_set_net_mac(ctx_id: u32, c_mac: *mut u8) -> i32;
}
unsafe extern "C" {
    /// Configures a map of host to guest TCP ports for the microVM.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `port_map` - an array of string pointers with format "host_port:guest_port".
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure. Documented errors:
    /// `-ENOTSUP` when passt networking is used.
    ///
    /// # Notes
    /// Passing NULL (or not calling this function) as `port_map` has a different meaning
    /// than passing an empty array. The first one will instruct libkrun to attempt to
    /// expose all listening ports in the guest to the host, while the second means that
    /// no port from the guest will be exposed to host.
    ///
    /// Exposed ports will only become accessible by their "host_port" in the guest too.
    /// This means that for a map such as "8080:80", applications running inside the guest
    /// will also need to access the service through the "8080" port.
    ///
    /// If passt networking mode is used (`krun_set_passt_fd` was called), port mapping is
    /// not supported as an API of libkrun (but you can still do port mapping using
    /// command line arguments of passt).
    // NOTE(review): the default (never calling this, or passing NULL) is the permissive
    // one — all listening guest ports are candidates for exposure on the host. When the
    // guest runs untrusted code, call this explicitly with an empty array or a minimal map.
    // The array terminator is not described in the upstream text — presumably a trailing
    // NULL pointer; confirm against libkrun.h.
    pub fn krun_set_port_map(ctx_id: u32, port_map: *const *const ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    /// Enables and configures a virtio-gpu device.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `virgl_flags` - flags to pass to virglrenderer.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_set_gpu_options(ctx_id: u32, virgl_flags: u32) -> i32;
}
unsafe extern "C" {
    /// Enables and configures a virtio-gpu device. This variant allows specifying the
    /// size of the host window (acting as vRAM in the guest).
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `virgl_flags` - flags to pass to virglrenderer.
    /// * `shm_size` - size of the SHM host window in bytes.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_set_gpu_options2(ctx_id: u32, virgl_flags: u32, shm_size: u64) -> i32;
}
unsafe extern "C" {
    /// Configure a display output for the VM.
    ///
    /// Note that to have display output a display backend must also be set (see
    /// `krun_set_display_backend`).
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `width` - the width of the window/display.
    /// * `height` - the height of the window/display.
    ///
    /// # Returns
    /// The id of the display (0 to `KRUN_MAX_DISPLAYS - 1`) on success or a negative
    /// error number on failure.
    pub fn krun_add_display(ctx_id: u32, width: u32, height: u32) -> i32;
}
unsafe extern "C" {
    /// Configure a custom EDID blob for a display.
    ///
    /// This replaces the generated EDID with a custom one. Configuring an EDID blob makes
    /// all display parameters except width and height ignored.
    ///
    /// Note that libkrun doesn't do any checks if the EDID matches the width/height
    /// specified in `krun_add_display()`.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `display_id` - the ID of the display (range: 0 to `KRUN_MAX_DISPLAYS - 1`).
    /// * `edid_blob` - the EDID blob.
    /// * `blob_size` - the size of the blob in bytes.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `edid_blob` must point to at least `blob_size` readable bytes.
    pub fn krun_display_set_edid(
        ctx_id: u32,
        display_id: u32,
        edid_blob: *const u8,
        blob_size: usize,
    ) -> i32;
}
unsafe extern "C" {
    /// Configure DPI of the display reported to the guest.
    ///
    /// This overrides the DPI set by `krun_set_display_dpi()`.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `display_id` - the ID of the display (range: 0 to `KRUN_MAX_DISPLAYS - 1`).
    /// * `dpi` - DPI (PPI), dots/pixels per inch of the display.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_display_set_dpi(ctx_id: u32, display_id: u32, dpi: u32) -> i32;
}
unsafe extern "C" {
    /// Configure physical size of the display reported to the guest.
    ///
    /// This overrides the physical size of the display set by
    /// `krun_set_display_physical_size()`.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `display_id` - the ID of the display (range: 0 to `KRUN_MAX_DISPLAYS - 1`).
    /// * `width_mm` - width of the display in millimeters.
    /// * `height_mm` - height of the display in millimeters.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_display_set_physical_size(
        ctx_id: u32,
        display_id: u32,
        width_mm: u16,
        height_mm: u16,
    ) -> i32;
}
unsafe extern "C" {
    /// Configure refresh rate for a display.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `display_id` - the ID of the display (range: 0 to `KRUN_MAX_DISPLAYS - 1`).
    /// * `refresh_rate` - refresh rate (in Hz).
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_display_set_refresh_rate(ctx_id: u32, display_id: u32, refresh_rate: u32) -> i32;
}
unsafe extern "C" {
    /// Configures a `krun_display_backend` struct to be used for display output (see
    /// libkrun_display.h).
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `display_backend` - pointer to a `krun_display_backend` struct.
    /// * `backend_size` - `sizeof()` the `krun_display_backend` struct.
    ///
    /// # Returns
    /// Zero on success or a negative error number (errno) on failure.
    ///
    /// # Safety
    /// `display_backend` must point to at least `backend_size` readable bytes holding a
    /// `krun_display_backend` value. The struct is untyped (`c_void`) on the Rust side, so
    /// nothing here checks that the layout matches the header.
    pub fn krun_set_display_backend(
        ctx_id: u32,
        display_backend: *const ::core::ffi::c_void,
        backend_size: usize,
    ) -> i32;
}
unsafe extern "C" {
    /// Adds an input device with separate config and events objects.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `config_backend` - pointer to a `krun_input_config` struct.
    /// * `config_backend_size` - `sizeof()` the `krun_input_config` struct.
    /// * `events_backend` - pointer to a `krun_input_event_provider` struct.
    /// * `events_backend_size` - `sizeof()` the `krun_input_event_provider` struct.
    ///
    /// # Returns
    /// Zero on success or a negative error code otherwise.
    ///
    /// # Safety
    /// Each pointer must reference at least as many readable bytes as its matching size
    /// argument states. Both structs are untyped (`c_void`) on the Rust side, so nothing
    /// here checks that their layout matches the C header.
    pub fn krun_add_input_device(
        ctx_id: u32,
        config_backend: *const ::core::ffi::c_void,
        config_backend_size: usize,
        events_backend: *const ::core::ffi::c_void,
        events_backend_size: usize,
    ) -> ::core::ffi::c_int;
}
unsafe extern "C" {
    /// Creates a passthrough input device from a host /dev/input/* file descriptor. The
    /// device configuration will be automatically queried from the host device using
    /// ioctls.
    ///
    /// # Arguments
    /// * `ctx_id` - the krun context.
    /// * `input_fd` - file descriptor to a /dev/input/* device on the host.
    ///
    /// # Returns
    /// Zero on success or a negative error code otherwise.
    // NOTE(review): this hands a host input device to the guest. Who closes `input_fd`
    // afterwards is not stated in the upstream text — confirm against libkrun.h.
    pub fn krun_add_input_device_fd(
        ctx_id: u32,
        input_fd: ::core::ffi::c_int,
    ) -> ::core::ffi::c_int;
}
unsafe extern "C" {
    /// Enables or disables a virtio-snd device.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `enable` - boolean indicating whether virtio-snd should be enabled or disabled.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_set_snd_device(ctx_id: u32, enable: bool) -> i32;
}
unsafe extern "C" {
    /// Configures a map of rlimits to be set in the guest before starting the isolated
    /// binary.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `rlimits` - an array of string pointers with format
    ///   "RESOURCE=RLIM_CUR:RLIM_MAX".
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    // NOTE(review): the array terminator is not described in the upstream text —
    // presumably a trailing NULL pointer, as documented for krun_set_smbios_oem_strings;
    // confirm against libkrun.h.
    pub fn krun_set_rlimits(ctx_id: u32, rlimits: *const *const ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    /// Sets the SMBIOS OEM Strings.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `oem_strings` - an array of string pointers. Must be terminated with an
    ///   additional NULL pointer.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    ///
    /// # Safety
    /// `oem_strings` must point to an array whose last element is a NULL pointer; without
    /// the terminator the callee has no way to know where the array ends.
    pub fn krun_set_smbios_oem_strings(
        ctx_id: u32,
        oem_strings: *const *const ::core::ffi::c_char,
    ) -> i32;
}
unsafe extern "C" {
    /// Sets the working directory for the executable to be run inside the microVM.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `workdir_path` - the path to the working directory, relative to the root
    ///   configured with `krun_set_root`.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_set_workdir(ctx_id: u32, workdir_path: *const ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    /// Sets the path to the executable to be run inside the microVM, the arguments to be
    /// passed to the executable, and the environment variables to be configured in the
    /// context of the executable.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `exec_path` - the path to the executable, relative to the root configured with
    ///   `krun_set_root`.
    /// * `argv` - an array of string pointers to be passed as arguments.
    /// * `envp` - an array of string pointers to be injected as environment variables
    ///   into the context of the executable. If NULL, it will auto-generate an array
    ///   collecting the variables currently present in the environment.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    // NOTE(review): a NULL `envp` copies "the variables currently present in the
    // environment" into the guest — presumably the calling host process's environment,
    // which may carry credentials or tokens. Pass an explicit array (an empty one if
    // nothing is needed) when the guest runs untrusted code.
    // The terminators of `argv` and `envp` are not described in the upstream text —
    // presumably a trailing NULL pointer; confirm against libkrun.h.
    pub fn krun_set_exec(
        ctx_id: u32,
        exec_path: *const ::core::ffi::c_char,
        argv: *const *const ::core::ffi::c_char,
        envp: *const *const ::core::ffi::c_char,
    ) -> i32;
}
unsafe extern "C" {
    /// Sets the path to the firmware to be loaded into the microVM.
    ///
    /// # Arguments
    /// * `ctx_id` - the configuration context ID.
    /// * `firmware_path` - the path to the firmware, relative to the host's filesystem.
    ///
    /// # Returns
    /// Zero on success or a negative error number on failure.
    pub fn krun_set_firmware(ctx_id: u32, firmware_path: *const ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    #[doc = " Sets the path to the kernel to be loaded in the microVM.\n\n Arguments:\n  \"ctx_id\"        - the configuration context ID.\n  \"kernel_path\"   - the path to the kernel, relative to the host's filesystem.\n  \"kernel_format\" - the kernel format.\n  \"initramfs\"     - the path to the initramfs, relative to the host's filesystem.\n  \"cmdline\"       - the kernel command line.\n\n Returns:\n  Zero on success or a negative error number on failure."]
    ///
    /// # Safety
    ///
    /// `kernel_path`, `initramfs` and `cmdline` are raw C string pointers read by the callee.
    /// `kernel_path` and `initramfs` are host paths, and `cmdline` is handed to the guest kernel
    /// as its command line, so all three should be built from trusted configuration.
    // NOTE(review): the accepted `kernel_format` values, and whether `initramfs` or `cmdline`
    // may be NULL, are not stated in this description -- confirm in libkrun.h.
    pub fn krun_set_kernel(
        ctx_id: u32,
        kernel_path: *const ::core::ffi::c_char,
        kernel_format: u32,
        initramfs: *const ::core::ffi::c_char,
        cmdline: *const ::core::ffi::c_char,
    ) -> i32;
}
unsafe extern "C" {
    #[doc = " Sets environment variables to be configured in the context of the executable.\n\n Arguments:\n  \"ctx_id\"    - the configuration context ID.\n  \"envp\"      - an array of string pointers to be injected as environment variables into the\n                context of the executable. If NULL, it will auto-generate an array collecting the\n                the variables currently present in the environment.\n\n Returns:\n  Zero on success or a negative error number on failure."]
    ///
    /// # Safety
    ///
    /// `envp` is a raw pointer to an array of C strings; no length is passed.
    ///
    /// A NULL `envp` is not "no environment": per the description above libkrun then collects
    /// the variables currently present in the environment, which exposes secrets stored in
    /// environment variables to the workload. Pass an explicit array for less trusted guests.
    // NOTE(review): the array is presumably NULL-terminated and "the environment" is presumably
    // that of the calling host process -- confirm both in libkrun.h.
    pub fn krun_set_env(ctx_id: u32, envp: *const *const ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    #[doc = " Sets the file path to the TEE configuration file. Only available in libkrun-sev.\n\n Arguments:\n  \"ctx_id\"    - the configuration context ID.\n  \"filepath\"  - a null-terminated string representing file path to the TEE config file.\n\n Returns:\n  Zero on success or a negative error number on failure."]
    ///
    /// # Safety
    ///
    /// `filepath` is a raw pointer that must reference a null-terminated string, as stated above.
    // NOTE(review): the declaration is emitted unconditionally, but the description limits the
    // function to libkrun-sev; what happens when another libkrun flavour is linked (missing
    // symbol vs. error return) is not stated here -- confirm before calling.
    pub fn krun_set_tee_config_file(ctx_id: u32, filepath: *const ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    #[doc = " Adds a port-path pairing for guest IPC with a process in the host.\n\n Arguments:\n  \"ctx_id\"    - the configuration context ID.\n  \"port\"      - a vsock port that the guest will connect to for IPC.\n  \"filepath\"  - a null-terminated string representing the path of the UNIX\n                socket in the host."]
    ///
    /// The argument described as "filepath" above is named `c_filepath` in this signature.
    ///
    /// # Safety
    ///
    /// `c_filepath` is a raw pointer that must reference a null-terminated string.
    ///
    /// Each pairing gives the guest a channel to a host process, so the host service behind the
    /// socket has to treat everything arriving on it as untrusted input.
    // NOTE(review): no "Returns" section is given; presumably zero on success or a negative
    // error number, like the neighbouring functions -- confirm in libkrun.h.
    pub fn krun_add_vsock_port(
        ctx_id: u32,
        port: u32,
        c_filepath: *const ::core::ffi::c_char,
    ) -> i32;
}
unsafe extern "C" {
    #[doc = " Adds a port-path pairing for guest IPC with a process in the host.\n\n Arguments:\n  \"ctx_id\"    - the configuration context ID.\n  \"port\"      - a vsock port that the guest will connect to for IPC.\n  \"filepath\"  - a null-terminated string representing the path of the UNIX\n                socket in the host.\n  \"listen\"    - true if guest expects connections to be initiated from host side"]
    ///
    /// The argument described as "filepath" above is named `c_filepath` in this signature.
    ///
    /// # Safety
    ///
    /// `c_filepath` is a raw pointer that must reference a null-terminated string.
    ///
    /// `listen` selects which side initiates the connection; in either direction the host
    /// process on the UNIX socket is talking to the guest and should not trust what it receives.
    // NOTE(review): no "Returns" section is given; presumably zero on success or a negative
    // error number, like the neighbouring functions -- confirm in libkrun.h.
    pub fn krun_add_vsock_port2(
        ctx_id: u32,
        port: u32,
        c_filepath: *const ::core::ffi::c_char,
        listen: bool,
    ) -> i32;
}
unsafe extern "C" {
    #[doc = " Add a vsock device with specified TSI features.\n\n By default, libkrun creates a vsock device implicitly with TSI hijacking\n enabled based on heuristics. To use this function, you must first call\n krun_disable_implicit_vsock() to disable the implicit vsock device.\n\n Currently only one vsock device is supported. Calling this function\n multiple times will return an error.\n\n Arguments:\n  \"ctx_id\"       - the configuration context ID.\n  \"tsi_features\" - bitmask of TSI features (KRUN_TSI_HIJACK_INET, KRUN_TSI_HIJACK_UNIX)\n                   Use 0 to add vsock without any TSI hijacking.\n\n Returns:\n  Zero on success or a negative error number on failure."]
    ///
    /// Without this call the implicit device decides TSI hijacking "based on heuristics" (see
    /// above). A sandbox that needs a fixed, reviewable setting should disable the implicit
    /// device and pass the intended bitmask here; `0` is the documented value for no hijacking.
    // NOTE(review): the KRUN_TSI_HIJACK_* flags presumably control which guest socket families
    // are proxied through the host -- confirm their exact effect in libkrun.h before relying on
    // `0` as a network-isolation control.
    pub fn krun_add_vsock(ctx_id: u32, tsi_features: u32) -> i32;
}
unsafe extern "C" {
    #[doc = " Returns the eventfd file descriptor to signal the guest to shut down orderly. This must be\n called before starting the microVM with \"krun_start_event\". Only available in libkrun-efi.\n\n Arguments:\n  \"ctx_id\"    - the configuration context ID.\n\n Returns:\n  The eventfd file descriptor or a negative error number on failure."]
    ///
    /// The return value carries both cases: check for a negative value before using it as a
    /// file descriptor.
    // NOTE(review): the description names "krun_start_event"; the start function visible in
    // this part of the bindings is `krun_start_enter`, so this is presumably a typo in the
    // upstream header. Who owns (and closes) the returned descriptor is not stated -- confirm.
    pub fn krun_get_shutdown_eventfd(ctx_id: u32) -> i32;
}
unsafe extern "C" {
    #[doc = " Configures the console device to ignore stdin and write the output to \"c_filepath\".\n\n Arguments:\n  \"ctx_id\"    - the configuration context ID.\n  \"filepath\"  - a null-terminated string representing the path of the file to write the\n                console output.\n\n Notes:\n  This API only applies to the implicitly created console. If the implicit console is\n  disabled via `krun_disable_implicit_console` the operation is a NOOP. Additionally,\n  this API does not have any effect on consoles created via the `krun_add_*_console_default`\n  APIs."]
    ///
    /// The argument described as "filepath" above is named `c_filepath` in this signature.
    ///
    /// # Safety
    ///
    /// `c_filepath` is a raw pointer that must reference a null-terminated string.
    ///
    /// The file receives whatever the guest writes to its console, so its contents are
    /// guest-controlled: treat them as untrusted when displaying or parsing the file.
    // NOTE(review): how the file is opened (created, truncated or appended; with which
    // permissions) and the return convention are not stated here -- confirm in libkrun.h.
    pub fn krun_set_console_output(ctx_id: u32, c_filepath: *const ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    #[doc = " Configures uid which is set right before the microVM is started.\n\n This is useful for example when you want to access host block devices\n from the microVM which requires root privileges when opening the device\n but you don't want to run the whole microVM as root.\n\n Arguments:\n  \"ctx_id\"         - the configuration context ID.\n  \"uid\"            - a user id to be set.\n\n Returns:\n  Zero on success or a negative error number on failure."]
    ///
    /// This call only records the uid in the context; per the description the switch itself
    /// happens right before the microVM is started, so a zero return here does not show that
    /// privileges have been dropped yet.
    // NOTE(review): at the OS level the group id has to be changed before the user id when
    // leaving root. The description does not state the order in which libkrun applies
    // `krun_setgid` and `krun_setuid`, nor whether supplementary groups are cleared -- confirm
    // both before relying on this as a privilege drop.
    pub fn krun_setuid(ctx_id: u32, uid: uid_t) -> i32;
}
unsafe extern "C" {
    #[doc = " Configures gid which is set right before the microVM is started.\n\n This is useful for example when you want to access host block devices\n from the microVM which requires root privileges when opening the device\n but you don't want to run the whole microVM as root.\n\n Arguments:\n  \"ctx_id\"         - the configuration context ID.\n  \"gid\"            - a group id to be set.\n\n Returns:\n  Zero on success or a negative error number on failure."]
    ///
    /// This call only records the gid in the context; per the description the switch itself
    /// happens right before the microVM is started.
    // NOTE(review): only the primary group is mentioned. Whether supplementary groups inherited
    // from the calling process are dropped as well is not stated -- confirm in libkrun, since
    // leftover groups keep their file access after the switch.
    pub fn krun_setgid(ctx_id: u32, gid: gid_t) -> i32;
}
unsafe extern "C" {
    #[doc = " Configures the microVM to support Nested Virtualization\n\n Arguments:\n  \"ctx_id\"  - the configuration context ID.\n  \"enabled\" - true to enable Nested Virtualization in the microVM.\n\n Notes:\n  This feature is only supported on macOS.\n\n Returns:\n  Zero on success or a negative error number on failure. Success doesn't imply that\n  Nested Virtualization is supported on the system, only that it's going to be requested\n  when the microVM is created after calling \"krun_start_enter\"."]
    ///
    /// Because a zero return only means the request was recorded, use `krun_check_nested_virt`
    /// to learn whether the system supports the feature.
    pub fn krun_set_nested_virt(ctx_id: u32, enabled: bool) -> i32;
}
unsafe extern "C" {
    #[doc = " Check the system if Nested Virtualization is supported\n\n Notes:\n  This feature is only supported on macOS.\n\n Returns:\n  - 1 : Success and Nested Virtualization is supported\n  - 0 : Success and Nested Virtualization is not supported\n  - <0: Failure"]
    ///
    /// The result has three states, so compare against `1` explicitly: a `!= 0` test would
    /// read a failure code as "supported".
    pub fn krun_check_nested_virt() -> i32;
}
unsafe extern "C" {
    #[doc = " Checks if a specific feature was enabled at build time.\n\n Arguments:\n  \"feature\" - one of the KRUN_FEATURE_* constants.\n\n Returns:\n  1 if the feature is supported, 0 if not supported, or a negative error\n  number on failure (e.g., -EINVAL for invalid/unknown feature constant).\n\n Notes:\n  When linking against an older version of libkrun, this function may\n  return -EINVAL for feature constants that were added in newer versions."]
    ///
    /// Treat only a return of exactly `1` as "available". Negative values, including the
    /// -EINVAL an older library gives for a constant it does not know, mean the feature
    /// cannot be relied on; a `!= 0` test would read them as "supported".
    pub fn krun_has_feature(feature: u64) -> i32;
}
unsafe extern "C" {
    #[doc = " Get the maximum number of vCPUs supported by the hypervisor.\n\n Returns:\n  The maximum number of vCPUs that can be created, or a negative error number on failure."]
    ///
    /// Count and error share the `i32` return: reject negative values before converting to an
    /// unsigned type, otherwise an error code turns into a very large vCPU count.
    pub fn krun_get_max_vcpus() -> i32;
}
unsafe extern "C" {
    #[doc = " Specify whether to split IRQCHIP responsibilities between the host and the guest.\n\n Arguments:\n  \"ctx_id\" - the configuration context ID.\n  \"enable\" - whether to enable the split IRQCHIP\n\n Returns:\n  Zero on success or a negative error number on failure."]
    // NOTE(review): the description does not say on which platforms or hypervisors the split
    // IRQCHIP is available, or what the default is when this is never called -- confirm in
    // libkrun.h.
    pub fn krun_split_irqchip(ctx_id: u32, enable: bool) -> i32;
}
unsafe extern "C" {
    /// No description was generated for this function.
    ///
    /// The notes on `krun_set_console_output` refer to it: once the implicit console has been
    /// disabled through this call, `krun_set_console_output` is a NOOP.
    // NOTE(review): the return value presumably follows the "zero on success, negative error
    // number on failure" convention used by the documented functions -- confirm in libkrun.h.
    pub fn krun_disable_implicit_console(ctx_id: u32) -> i32;
}
unsafe extern "C" {
    #[doc = " Disable the implicit vsock device.\n\n By default, libkrun creates a vsock device automatically. This function\n disables that behavior entirely - no vsock device will be created.\n\n Arguments:\n  \"ctx_id\" - the configuration context ID.\n\n Returns:\n  Zero on success or a negative error number on failure."]
    ///
    /// The description of `krun_add_vsock` requires this call first when a vsock device with an
    /// explicit TSI feature mask is wanted.
    pub fn krun_disable_implicit_vsock(ctx_id: u32) -> i32;
}
unsafe extern "C" {
    /// No description was generated for this function.
    ///
    /// # Safety
    ///
    /// `console_id` is a raw C string pointer read by the callee.
    // NOTE(review): `console_id` is a string here, while `krun_add_console_port_tty` and
    // `krun_add_console_port_inout` take a numeric `console_id: u32`; the two are presumably
    // different kinds of identifier. Presumably the pointer must be non-NULL and
    // NUL-terminated -- confirm both points in libkrun.h.
    pub fn krun_set_kernel_console(ctx_id: u32, console_id: *const ::core::ffi::c_char) -> i32;
}
unsafe extern "C" {
    /// No description was generated for this function.
    ///
    /// The notes on `krun_set_console_output` mention the `krun_add_*_console_default` APIs as
    /// creating consoles that `krun_set_console_output` has no effect on.
    ///
    /// # Safety
    ///
    /// `input_fd`, `output_fd` and `err_fd` are plain integers to Rust; nothing in this binding
    /// checks that they name open descriptors or ties them to an owner.
    // NOTE(review): presumably the descriptors must stay open for as long as the microVM uses
    // the console, and whether libkrun duplicates or closes them is not stated -- confirm in
    // libkrun.h. Whatever they refer to becomes reachable from the guest's console.
    pub fn krun_add_virtio_console_default(
        ctx_id: u32,
        input_fd: ::core::ffi::c_int,
        output_fd: ::core::ffi::c_int,
        err_fd: ::core::ffi::c_int,
    ) -> i32;
}
unsafe extern "C" {
    /// No description was generated for this function.
    ///
    /// The notes on `krun_set_console_output` mention the `krun_add_*_console_default` APIs as
    /// creating consoles that `krun_set_console_output` has no effect on.
    ///
    /// # Safety
    ///
    /// `input_fd` and `output_fd` are plain integers to Rust; nothing in this binding checks
    /// that they name open descriptors or ties them to an owner.
    // NOTE(review): presumably the descriptors must stay open for as long as the microVM uses
    // the console, and whether libkrun duplicates or closes them is not stated -- confirm in
    // libkrun.h.
    pub fn krun_add_serial_console_default(
        ctx_id: u32,
        input_fd: ::core::ffi::c_int,
        output_fd: ::core::ffi::c_int,
    ) -> i32;
}
unsafe extern "C" {
    /// No description was generated for this function.
    // NOTE(review): the `krun_add_console_port_*` functions take a `console_id: u32`; this
    // function's non-negative return value is presumably that id, with negative values
    // signalling an error -- confirm in libkrun.h and check the sign before converting to `u32`.
    pub fn krun_add_virtio_console_multiport(ctx_id: u32) -> i32;
}
unsafe extern "C" {
    /// No description was generated for this function.
    ///
    /// # Safety
    ///
    /// `name` is a raw C string pointer read by the callee, and `tty_fd` is a plain integer
    /// that this binding does not check or tie to an owner.
    // NOTE(review): presumably `name` must be NUL-terminated, `tty_fd` must refer to an open
    // terminal that stays open while the microVM runs, and `console_id` identifies a console
    // created earlier -- none of this is stated here; confirm in libkrun.h.
    pub fn krun_add_console_port_tty(
        ctx_id: u32,
        console_id: u32,
        name: *const ::core::ffi::c_char,
        tty_fd: ::core::ffi::c_int,
    ) -> i32;
}
unsafe extern "C" {
    /// No description was generated for this function.
    ///
    /// # Safety
    ///
    /// `name` is a raw C string pointer read by the callee, and `input_fd` / `output_fd` are
    /// plain integers that this binding does not check or tie to an owner.
    // NOTE(review): presumably `name` must be NUL-terminated, both descriptors must stay open
    // while the microVM runs, and `console_id` identifies a console created earlier -- none of
    // this is stated here; confirm in libkrun.h.
    pub fn krun_add_console_port_inout(
        ctx_id: u32,
        console_id: u32,
        name: *const ::core::ffi::c_char,
        input_fd: ::core::ffi::c_int,
        output_fd: ::core::ffi::c_int,
    ) -> i32;
}
unsafe extern "C" {
    #[doc = " Configure block device to be used as root filesystem.\n\n Arguments:\n  \"ctx_id\" - the configuration context ID.\n  \"device\" - a null-terminated string specifying the root device\n             (e.g. \"/dev/vda1\", must refer to a previously configured block device)\n  \"fstype\" - a null-terminated string specifying the filesystem type (e.g. \"ext4\", can be set to \"auto\" or NULL)\n  \"options\" - a null-terminated string with a comma-separated list of mount options (can be NULL)\n\n Notes:\n  This function can be used if you want a root filesystem backed by a block device instead of a virtiofs path.\n  Because libkrun uses its own built-in init process (implemented as a virtual file in the virtiofs driver),\n  you'd normally have to copy the executable into every filesystem image (or partition) you intend to boot from.\n  This is obviously difficult to maintain, so instead we can create a dummy virtiofs root behind the scenes,\n  execute init from it as usual and then switch to the actual root configured by this function."]
    ///
    /// # Safety
    ///
    /// `device`, `fstype` and `options` are raw C string pointers. NULL is documented as
    /// acceptable for `fstype` and `options` only.
    ///
    /// `options` is a comma-separated list, so a value assembled from untrusted input can carry
    /// mount options the caller did not intend; build it from a fixed allow-list.
    // NOTE(review): no "Returns" section is given; presumably zero on success or a negative
    // error number, like the neighbouring functions -- confirm in libkrun.h.
    pub fn krun_set_root_disk_remount(
        ctx_id: u32,
        device: *const ::core::ffi::c_char,
        fstype: *const ::core::ffi::c_char,
        options: *const ::core::ffi::c_char,
    ) -> i32;
}
unsafe extern "C" {
    #[doc = " Starts and enters the microVM with the configured parameters. The VMM will attempt to take over\n stdin/stdout to manage them on behalf of the process running inside the isolated environment,\n simulating that the latter has direct control of the terminal.\n\n This function consumes the configuration pointed by the context ID.\n\n Arguments:\n  \"ctx_id\" - the configuration context ID.\n\n Notes:\n  This function only returns if an error happens before starting the microVM. Otherwise, the\n  VMM assumes it has full control of the process, and will call to exit() with the workload's exit\n  code once the microVM shuts down. If an error occurred before running the workload the process\n  will exit() with an error exit code.\n\n Error exit codes:\n  125     - \"init\" cannot set up the environment inside the microVM.\n  126     - \"init\" can find the executable to be run inside the microVM but cannot execute it.\n  127     - \"init\" cannot find the executable to be run inside the microVM.\n\n Returns:\n  -EINVAL - The VMM has detected an error in the microVM configuration."]
    ///
    /// # Safety
    ///
    /// On success this call never returns: per the notes above the VMM ends the whole process
    /// with `exit()`. Rust destructors of values still alive in the caller do not run on that
    /// path, so cleanup the caller depends on (removing temporary files, wiping key material,
    /// flushing audit logs) has to finish before the call, or the call has to be made from a
    /// dedicated child process.
    ///
    /// Any return from this function is a failure, since it "only returns if an error happens".
    // NOTE(review): -EINVAL is the only code listed. The description says the configuration is
    // consumed but not whether `ctx_id` is still usable after an error return -- confirm in
    // libkrun before reusing the context.
    pub fn krun_start_enter(ctx_id: u32) -> i32;
}