Full isolation has too much impact to be a default. Even on an almost
unloaded machine with a couple of VMs running it results in audio buffer
underruns due to the significant scheduling latency.
This change is fine because with vmsilo, the trust domain is the VM. There
isn't much reason to protect apps from other apps running in the same VM.
Better to run those apps in separate VMs in that case.
Instead of passing raw crosvm attrsets, sound is now configured
with two booleans: sound.playback (default true) and sound.capture
(default false, implies playback).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
VM IDs (used for vsock CIDs and TAP name truncation) are now
automatically assigned starting from 3 based on list position,
removing the need for users to specify them. Also removes the
constraints that IDs must be odd numbers in range 3-255.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
