* [PATCH 1/2] Enables forwarding Wayland from appVM to host with waypipe
@ 2022-12-04 22:45 vadim likholetov
  2022-12-04 22:45 ` [PATCH 2/2] Firefox appVM patches and appVM refactoring vadim likholetov
  0 siblings, 1 reply; 2+ messages in thread
From: vadim likholetov @ 2022-12-04 22:45 UTC (permalink / raw)
  To: devel; +Cc: vadim likholetov

Signed-off-by: vadim likholetov <vadim.likholetov@unikie.com>
---
 host/initramfs/extfs.nix         |  4 +++-
 host/rootfs/Makefile             |  1 +
 host/rootfs/default.nix          |  4 ++--
 host/rootfs/usr/bin/vm-start-way | 10 ++++++++++
 img/app/default.nix              |  3 +++
 vm/app/hello-waypipe.nix         | 23 +++++++++++++++++++++++
 6 files changed, 42 insertions(+), 3 deletions(-)
 create mode 100755 host/rootfs/usr/bin/vm-start-way
 create mode 100644 vm/app/hello-waypipe.nix

diff --git a/host/initramfs/extfs.nix b/host/initramfs/extfs.nix
index 5c5850f..f49e519 100644
--- a/host/initramfs/extfs.nix
+++ b/host/initramfs/extfs.nix
@@ -11,12 +11,13 @@ let
 
   appvm-catgirl = import ../../vm/app/catgirl.nix { inherit config; };
   appvm-lynx = import ../../vm/app/lynx.nix { inherit config; };
+  appvm-hello-waypipe = import ../../vm/app/hello-waypipe.nix { inherit config; };
 in
 
 runCommand "ext.ext4" {
   nativeBuildInputs = [ e2fsprogs ];
 } ''
-  mkdir -p root/svc/data/appvm-{catgirl,lynx}
+  mkdir -p root/svc/data/appvm-{catgirl,lynx,hello-waypipe}
   cd root
 
   tar -C ${netvm} -c data | tar -C svc -x
@@ -24,6 +25,7 @@ runCommand "ext.ext4" {
 
   tar -C ${appvm-catgirl} -c . | tar -C svc/data/appvm-catgirl -x
   tar -C ${appvm-lynx} -c . | tar -C svc/data/appvm-lynx -x
+  tar -C ${appvm-hello-waypipe} -c . | tar -C svc/data/appvm-hello-waypipe -x
 
   mkfs.ext4 -d . $out 16T
   resize2fs -M $out
diff --git a/host/rootfs/Makefile b/host/rootfs/Makefile
index 9559c06..06e3e8e 100644
--- a/host/rootfs/Makefile
+++ b/host/rootfs/Makefile
@@ -39,6 +39,7 @@ FILES = \
 	usr/bin/lsvm \
 	usr/bin/vm-console \
 	usr/bin/vm-start \
+	usr/bin/vm-start-way \
 	usr/bin/vm-stop
 DIRS = dev etc/s6-linux-init/env ext run proc sys
 
diff --git a/host/rootfs/default.nix b/host/rootfs/default.nix
index 0a84f55..de4a6b6 100644
--- a/host/rootfs/default.nix
+++ b/host/rootfs/default.nix
@@ -7,7 +7,7 @@ pkgs.pkgsStatic.callPackage (
 
 { lib, stdenvNoCC, nixos, runCommand, writeReferencesToFile, s6-rc, tar2ext4
 , busybox, cloud-hypervisor, cryptsetup, execline, e2fsprogs, jq, kmod
-, mdevd, s6, s6-linux-init, socat, util-linuxMinimal, xorg
+, mdevd, s6, s6-linux-init, socat, util-linuxMinimal, xorg, waypipe
 }:
 
 let
@@ -49,7 +49,7 @@ let
 
   packages = [
     cloud-hypervisor e2fsprogs execline jq kmod mdevd s6 s6-linux-init s6-rc
-    socat start-vm
+    socat start-vm waypipe
 
     (cryptsetup.override {
       programs = {
diff --git a/host/rootfs/usr/bin/vm-start-way b/host/rootfs/usr/bin/vm-start-way
new file mode 100755
index 0000000..bda9934
--- /dev/null
+++ b/host/rootfs/usr/bin/vm-start-way
@@ -0,0 +1,10 @@
+#!/bin/sh 
+# SPDX-License-Identifier: EUPL-1.2+
+
+s6-rc -bu change ext-rc
+s6-rc -l /run/s6-rc.ext -u change $1 
+ch-remote --api-socket /run/service/ext-${1}/env/cloud-hypervisor.sock add-vsock cid=4,socket=/run/u.${1}.socket
+cd /run
+nohup waypipe --socket /run/waypipe.sock client &
+nohup socat unix-listen:/run/u.${1}.socket_5000,reuseaddr,fork unix-connect:/run/waypipe.sock &
+
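Review bot: `$1` is used unquoted and unvalidated in every path of this script, and it lands inside the comma-separated option strings passed to `ch-remote add-vsock` and `socat`, so a missing or unusual VM name changes what those commands do instead of failing. The single `/run/waypipe.sock` is also shared by every VM started this way, so a second invocation starts another `waypipe client` on the same path and all guests end up on one host-side endpoint. Because `waypipe client` parses guest-controlled data on the host (presumably as root, since nothing here drops privileges), a per-VM socket and a name check are worth having. The fence sketches both, together with `set -eu` so that a failed `s6-rc` stops the script.

```shell
set -eu
vm=${1:?usage: vm-start-way VM}
case $vm in
    *[!A-Za-z0-9_-]*) echo "vm-start-way: invalid VM name: $vm" >&2; exit 1 ;;
esac

# … unchanged: s6-rc -bu change ext-rc …
s6-rc -l /run/s6-rc.ext -u change "$vm"
ch-remote --api-socket "/run/service/ext-$vm/env/cloud-hypervisor.sock" add-vsock "cid=4,socket=/run/u.$vm.socket"
# … unchanged: cd /run …
nohup waypipe --socket "/run/waypipe.$vm.sock" client &
nohup socat "unix-listen:/run/u.$vm.socket_5000,reuseaddr,fork" "unix-connect:/run/waypipe.$vm.sock" &
```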
diff --git a/img/app/default.nix b/img/app/default.nix
index e7d5366..80f23c2 100644
--- a/img/app/default.nix
+++ b/img/app/default.nix
@@ -59,6 +59,9 @@ let
       DRM_BOCHS = yes;
       DRM = yes;
       AGP = yes;
+      VSOCKETS = yes;
+      VIRTIO_VSOCKETS = yes;
+      VIRTIO_VSOCKETS_COMMON = yes;
     };
   };
 in
diff --git a/vm/app/hello-waypipe.nix b/vm/app/hello-waypipe.nix
new file mode 100644
index 0000000..601b638
--- /dev/null
+++ b/vm/app/hello-waypipe.nix
@@ -0,0 +1,23 @@
+# SPDX-License-Identifier: MIT
+# SPDX-FileCopyrightText: 2021-2022 Alyssa Ross <hi@alyssa.is>
+
+{ config ? import ../../../nix/eval-config.nix {} }:
+
+import ../make-vm.nix { inherit config; } {
+  providers.net = [ "netvm" ];
+  run = config.pkgs.callPackage (
+    { writeScript, waypipe, havoc, foot, hello-wayland, socat}:
+    writeScript "run-waypipe-app" ''
+      #!/bin/sh
+      mkdir /run/0
+      export XDG_RUNTIME_DIR=/run/0
+      ${socat}/bin/socat  unix-listen:/run/waypipe.sock,reuseaddr,fork vsock-connect:2:5000 &
+      sleep 1
+      ${waypipe}/bin/waypipe --display wayland-local --socket /run/waypipe.sock server -- sleep inf &
+      export WAYLAND_DISPLAY=wayland-local
+      ${havoc}/bin/havoc
+      ${hello-wayland}/bin/hello-wayland
+      ${foot}/bin/foot
+    ''
+  ) { };
+}
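Review bot: The bridge is sequenced with `sleep 1` rather than by the socket existing, so `waypipe server` can reach for `/run/waypipe.sock` before socat is listening on it. Waiting on the socket is more reliable, e.g. `until test -S /run/waypipe.sock; do sleep 1; done`. The same pattern appears in `vm/app/firefox.nix` in patch 2/2. `mkdir /run/0` fails on a second run and leaves XDG_RUNTIME_DIR at the default mode; `mkdir -p -m 0700 /run/0` covers both. The SPDX copyright line names a different author and years than this new file's submitter, which looks copied from a sibling file and should be confirmed.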
-- 
2.36.2




* [PATCH 2/2] Firefox appVM patches and appVM refactoring
  2022-12-04 22:45 [PATCH 1/2] Enables forwarding Wayland from appVM to host with waypipe vadim likholetov
@ 2022-12-04 22:45 ` vadim likholetov
  0 siblings, 0 replies; 2+ messages in thread
From: vadim likholetov @ 2022-12-04 22:45 UTC (permalink / raw)
  To: devel; +Cc: vadim likholetov

Signed-off-by: vadim likholetov <vadim.likholetov@unikie.com>
---
 host/initramfs/extfs.nix                  |  4 ++-
 host/rootfs/Makefile                      |  2 +-
 host/start-vm/lib.rs                      |  2 +-
 img/app/Makefile                          |  3 +++
 img/app/default.nix                       |  4 +--
 img/app/etc/group                         |  3 +++
 img/app/etc/mdev/iface                    |  5 +++-
 img/app/etc/passwd                        |  1 +
 img/app/etc/s6-linux-init/scripts/rc.init |  2 ++
 img/app/etc/s6-rc/app/run                 |  5 ++--
 img/app/etc/s6-rc/user-app/run            | 19 ++++++++++++++
 img/app/etc/s6-rc/user-app/type           |  1 +
 img/app/etc/s6-rc/user-app/type.license   |  2 ++
 vm-lib/make-vm.nix                        |  7 ++---
 vm/app/catgirl.nix                        | 11 +++++++-
 vm/app/firefox.nix                        | 31 +++++++++++++++++++++++
 vm/app/hello-waypipe.nix                  | 12 ++++++---
 vm/app/lynx.nix                           | 10 ++++++++
 18 files changed, 109 insertions(+), 15 deletions(-)
 create mode 100644 img/app/etc/group
 create mode 100755 img/app/etc/s6-rc/user-app/run
 create mode 100644 img/app/etc/s6-rc/user-app/type
 create mode 100644 img/app/etc/s6-rc/user-app/type.license
 create mode 100644 vm/app/firefox.nix

diff --git a/host/initramfs/extfs.nix b/host/initramfs/extfs.nix
index f49e519..917abe2 100644
--- a/host/initramfs/extfs.nix
+++ b/host/initramfs/extfs.nix
@@ -12,12 +12,13 @@ let
   appvm-catgirl = import ../../vm/app/catgirl.nix { inherit config; };
   appvm-lynx = import ../../vm/app/lynx.nix { inherit config; };
   appvm-hello-waypipe = import ../../vm/app/hello-waypipe.nix { inherit config; };
+  appvm-firefox = import ../../vm/app/firefox.nix { inherit config; };
 in
 
 runCommand "ext.ext4" {
   nativeBuildInputs = [ e2fsprogs ];
 } ''
-  mkdir -p root/svc/data/appvm-{catgirl,lynx,hello-waypipe}
+  mkdir -p root/svc/data/appvm-{catgirl,lynx,hello-waypipe,firefox}
   cd root
 
   tar -C ${netvm} -c data | tar -C svc -x
@@ -26,6 +27,7 @@ runCommand "ext.ext4" {
   tar -C ${appvm-catgirl} -c . | tar -C svc/data/appvm-catgirl -x
   tar -C ${appvm-lynx} -c . | tar -C svc/data/appvm-lynx -x
   tar -C ${appvm-hello-waypipe} -c . | tar -C svc/data/appvm-hello-waypipe -x
+  tar -C ${appvm-firefox} -c . | tar -C svc/data/appvm-firefox -x
 
   mkfs.ext4 -d . $out 16T
   resize2fs -M $out
diff --git a/host/rootfs/Makefile b/host/rootfs/Makefile
index 06e3e8e..a228d5e 100644
--- a/host/rootfs/Makefile
+++ b/host/rootfs/Makefile
@@ -148,7 +148,7 @@ run: build/live.img $(EXT_FS) build/rootfs.verity.roothash
 	exec 3<>"$$ext" && \
 	rm -f "$$ext" && \
 	truncate -s +10G /proc/self/fd/3 && \
-	exec $(QEMU_KVM) -cpu host -m 2G \
+	exec $(QEMU_KVM) -cpu host -m 4G \
 	    -machine q35,kernel=$(KERNEL),kernel-irqchip=split,initrd=$(INITRAMFS) \
 	    -display gtk,gl=on \
 	    -qmp unix:vmm.sock,server,nowait \
diff --git a/host/start-vm/lib.rs b/host/start-vm/lib.rs
index ef79091..7a89506 100644
--- a/host/start-vm/lib.rs
+++ b/host/start-vm/lib.rs
@@ -44,7 +44,7 @@ pub fn vm_command(dir: PathBuf, config_root: &Path) -> Result<Command, String> {
     command.arg("cloud-hypervisor");
     command.args(&["--api-socket", "env/cloud-hypervisor.sock"]);
     command.args(&["--cmdline", "console=ttyS0 root=PARTLABEL=root"]);
-    command.args(&["--memory", "size=128M"]);
+    command.args(&["--memory", "size=512M"]);
     command.args(&["--console", "pty"]);
     command.arg("--kernel");
     command.arg(config_dir.join("vmlinux"));
diff --git a/img/app/Makefile b/img/app/Makefile
index c5a4684..0a15aaa 100644
--- a/img/app/Makefile
+++ b/img/app/Makefile
@@ -48,6 +48,7 @@ VM_FILES = \
 	etc/mdev.conf \
 	etc/mdev/iface \
 	etc/passwd \
+	etc/group \
 	etc/resolv.conf \
 	etc/s6-linux-init/scripts/rc.init
 VM_DIRS = dev run proc sys \
@@ -76,6 +77,8 @@ build/rootfs.tar: build/empty $(PACKAGES_TAR) $(VM_FILES) $(VM_BUILD_FILES)
 VM_S6_RC_FILES = \
 	etc/s6-rc/app/run \
 	etc/s6-rc/app/type \
+	etc/s6-rc/user-app/run \
+	etc/s6-rc/user-app/type \
 	etc/s6-rc/mdevd-coldplug/dependencies \
 	etc/s6-rc/mdevd-coldplug/type \
 	etc/s6-rc/mdevd-coldplug/up \
diff --git a/img/app/default.nix b/img/app/default.nix
index 80f23c2..29abf93 100644
--- a/img/app/default.nix
+++ b/img/app/default.nix
@@ -9,7 +9,7 @@ config.pkgs.pkgsStatic.callPackage (
 
 { lib, stdenvNoCC, runCommand, writeReferencesToFile, buildPackages
 , jq, s6-rc, tar2ext4, util-linux
-, busybox, cacert, execline, kmod, mdevd, s6, s6-linux-init
+, busybox, cacert, execline, kmod, mdevd, s6, s6-linux-init, tmux
 }:
 
 let
@@ -18,7 +18,7 @@ let
   scripts = import ../../scripts { inherit config; };
 
   packages = [
-    execline kmod mdevd s6 s6-linux-init s6-rc
+    execline kmod mdevd s6 s6-linux-init s6-rc tmux
 
     (busybox.override {
       extraConfig = ''
diff --git a/img/app/etc/group b/img/app/etc/group
new file mode 100644
index 0000000..5a5c9a5
--- /dev/null
+++ b/img/app/etc/group
@@ -0,0 +1,3 @@
+root:x:0:
+tty:x:4:user
+user:x:1000:user
diff --git a/img/app/etc/mdev/iface b/img/app/etc/mdev/iface
index d8ceda5..1aac8a8 100755
--- a/img/app/etc/mdev/iface
+++ b/img/app/etc/mdev/iface
@@ -33,4 +33,7 @@ foreground {
   }
 }
 
-s6-rc -u change app
+# fix permissions
+foreground { chmod a+rw /dev/null }
+
+s6-rc -u change app user-app
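Review bot: `chmod a+rw /dev/null` sits in the network-interface hotplug handler, so the device mode is only corrected once an interface event fires, and anything started as `user` before that sees the original mode. The mode is better set where the node is created, by a rule in `etc/mdev.conf` (for example `null 0:0 0666`, to be checked against the rules already in that file), with a comment naming the unprivileged service that needs it. The comment `# fix permissions` does not say why the default is wrong. The start of this script is outside the hunk.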
diff --git a/img/app/etc/passwd b/img/app/etc/passwd
index 29f3b25..1bec4cd 100644
--- a/img/app/etc/passwd
+++ b/img/app/etc/passwd
@@ -1 +1,2 @@
 root:x:0:0:System administrator:/:/bin/sh
+user:x:1000:1000:Usual user:/run/home/user/:/bin/sh
diff --git a/img/app/etc/s6-linux-init/scripts/rc.init b/img/app/etc/s6-linux-init/scripts/rc.init
index b46afb7..05e4bb3 100755
--- a/img/app/etc/s6-linux-init/scripts/rc.init
+++ b/img/app/etc/s6-linux-init/scripts/rc.init
@@ -7,5 +7,7 @@ if { s6-rc-init -c /etc/s6-rc /run/service }
 if { mkdir -p /dev/pts /dev/shm }
 if { modprobe overlay }
 if { mount -a }
+if { mkdir -p /run/home/user }
+if { chown  1000:1000 /run/home/user }
 
 s6-rc change ok-all
diff --git a/img/app/etc/s6-rc/app/run b/img/app/etc/s6-rc/app/run
index 2a628b7..8166111 100755
--- a/img/app/etc/s6-rc/app/run
+++ b/img/app/etc/s6-rc/app/run
@@ -5,6 +5,7 @@
 export TERM foot
 export TERMINFO_DIRS /usr/share/terminfo
 export TMPDIR /run
+export TMUX_TMPDIR /run
 
 backtick USER { id -un }
 backtick HOME {
@@ -22,5 +23,5 @@ fdmove -c 2 0
 foreground { clear }
 unexport ?
 
-foreground { /run/ext/run }
-exec -l sh
+foreground { tmux new sh -c "/run/ext/run" }
+tmux new /bin/sh
diff --git a/img/app/etc/s6-rc/user-app/run b/img/app/etc/s6-rc/user-app/run
new file mode 100755
index 0000000..e0b124c
--- /dev/null
+++ b/img/app/etc/s6-rc/user-app/run
@@ -0,0 +1,19 @@
+#!/bin/sh 
+# SPDX-License-Identifier: EUPL-1.2+
+
+export TERM=foot
+export TERMINFO_DIRS=/usr/share/terminfo
+export TMPDIR=/run
+export USER=user
+export TMUX_TMPDIR=/run
+export HOME=/run/home/${USER}
+
+cd $HOME
+
+while ! test -S '/run/tmux-0/default'; do sleep 1; echo waiting for tmux ; done
+sleep 5
+
+echo "starting user service"
+tmux neww su user sh -c "/run/ext/run-as-user" 
+tmux neww su user /bin/sh
+sleep inf
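Review bot: Start-up is sequenced by polling for `/run/tmux-0/default` and then `sleep 5`, which ties this service to the path of root's tmux socket and to timing; if the root session from `app` has already exited, the `tmux neww` calls would fail and the script still reaches `sleep inf`, so s6 sees a healthy longrun with no user process behind it. The unprivileged commands are also created as windows of the root-owned tmux server and depend on `su` for the privilege drop. Consider running the user program directly under the supervisor with `s6-setuidgid user /run/ext/run-as-user` (s6 is already in the image) and expressing the ordering with a `dependencies` file, as `mdevd-coldplug` does. The `HOME` and `USER` exports may not reach the new windows, since tmux starts window commands from the server's environment; that is worth verifying.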
diff --git a/img/app/etc/s6-rc/user-app/type b/img/app/etc/s6-rc/user-app/type
new file mode 100644
index 0000000..5883cff
--- /dev/null
+++ b/img/app/etc/s6-rc/user-app/type
@@ -0,0 +1 @@
+longrun
diff --git a/img/app/etc/s6-rc/user-app/type.license b/img/app/etc/s6-rc/user-app/type.license
new file mode 100644
index 0000000..c49c11b
--- /dev/null
+++ b/img/app/etc/s6-rc/user-app/type.license
@@ -0,0 +1,2 @@
+SPDX-License-Identifier: CC0-1.0
+SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is>
diff --git a/vm-lib/make-vm.nix b/vm-lib/make-vm.nix
index 2c50ca5..7aff6ed 100644
--- a/vm-lib/make-vm.nix
+++ b/vm-lib/make-vm.nix
@@ -13,7 +13,7 @@ pkgs.pkgsStatic.callPackage (
 
 { lib, runCommand, writeReferencesToFile, e2fsprogs, tar2ext4 }:
 
-{ run, providers ? {} }:
+{ run, run-as-user, providers ? {} }:
 
 let
   inherit (lib)
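Review bot: `run-as-user` is added without a default, so every caller of this function must now pass it and any VM definition not touched by this series stops evaluating; that appears to be why catgirl and lynx gain stub scripts. If a user-level program is meant to be optional, give the argument a default and guard the `ln -s ${run-as-user}` and `writeReferencesToFile run-as-user` uses in the next hunk. Either way the argument line deserves a comment stating the privilege of each script, e.g. `# run: executed as root; run-as-user: executed as uid 1000 by the user-app service`.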
@@ -34,9 +34,10 @@ runCommand "spectrum-vm" {
   mkdir root
   cd root
   ln -s ${run} run
-  comm -23 <(sort ${writeReferencesToFile run}) \
+  ln -s ${run-as-user} run-as-user
+  comm -23 <(sort ${writeReferencesToFile run} ${writeReferencesToFile run-as-user}) \
       <(sort ${writeReferencesToFile basePaths}) |
-      tar -cf ../run.tar --verbatim-files-from -T - run
+      tar -cf ../run.tar --verbatim-files-from -T - run run-as-user
   tar2ext4 -i ../run.tar -o "$out/blk/run.img"
   e2label "$out/blk/run.img" ext
 
diff --git a/vm/app/catgirl.nix b/vm/app/catgirl.nix
index a4c05e3..3a1ef48 100644
--- a/vm/app/catgirl.nix
+++ b/vm/app/catgirl.nix
@@ -5,7 +5,8 @@
 
 import ../make-vm.nix { inherit config; } {
   providers.net = [ "netvm" ];
-  run = config.pkgs.pkgsStatic.callPackage (
+  
+  run-as-user = config.pkgs.pkgsStatic.callPackage (
     { writeScript, catgirl }:
     writeScript "run-catgirl" ''
       #!/bin/execlineb -P
@@ -14,4 +15,12 @@ import ../make-vm.nix { inherit config; } {
       ${catgirl}/bin/catgirl -h irc.libera.chat -j "#spectrum" -n $nick
     ''
   ) { };
+
+  run = config.pkgs.pkgsStatic.callPackage (
+    { writeScript }:
+    writeScript "run-as-root" ''
+      #!/bin/execlineb -P
+      /bin/true
+    ''
+  ) { };
 }
diff --git a/vm/app/firefox.nix b/vm/app/firefox.nix
new file mode 100644
index 0000000..9744164
--- /dev/null
+++ b/vm/app/firefox.nix
@@ -0,0 +1,31 @@
+# SPDX-License-Identifier: MIT
+# SPDX-FileCopyrightText: 2021-2022 Alyssa Ross <hi@alyssa.is>
+
+{ config ? import ../../../nix/eval-config.nix {} }:
+
+import ../make-vm.nix { inherit config; } {
+  providers.net = [ "netvm" ];
+  run = config.pkgs.callPackage (
+    { writeScript }:
+    writeScript "run-as-root" ''
+      #!/bin/sh
+      /bin/sh
+    ''
+  ) { };
+
+    run-as-user = config.pkgs.callPackage (
+    { writeScript, socat, waypipe, havoc, firefox-wayland}:
+    writeScript "run-firefox" ''
+      #!/bin/sh
+      mkdir /run/home/user/0
+      export XDG_RUNTIME_DIR=/run/home/user/0
+      ${socat}/bin/socat  unix-listen:/run/home/user/waypipe.sock,reuseaddr,fork vsock-connect:2:5000 &
+      sleep 1
+      ${waypipe}/bin/waypipe --display wayland-local-user --socket /run/home/user/waypipe.sock server -- sleep inf &
+      export WAYLAND_DISPLAY=wayland-local-user
+
+      ${firefox-wayland}/bin/firefox https://spectrum-os.org/
+      /bin/sh
+    ''
+  ) { };
+}
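Review bot: `mkdir /run/home/user/0` creates XDG_RUNTIME_DIR with the default mode, whereas the XDG base-directory specification requires it to be owned by the user with mode 0700; the Wayland display socket is created inside it. Use `mkdir -p -m 0700 /run/home/user/0`, which also keeps a restart from failing on an existing directory. The `run` script leaves a root `/bin/sh` in the same VM as the browser and `run-as-user` falls through to `/bin/sh` after Firefox exits; if these are debugging aids, a comment saying so would keep them from being copied into other VM definitions. The `run-as-user` attribute is indented two columns deeper than `run`, and `havoc` is listed in its arguments without being used.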
diff --git a/vm/app/hello-waypipe.nix b/vm/app/hello-waypipe.nix
index 601b638..6ff216c 100644
--- a/vm/app/hello-waypipe.nix
+++ b/vm/app/hello-waypipe.nix
@@ -6,7 +6,7 @@
 import ../make-vm.nix { inherit config; } {
   providers.net = [ "netvm" ];
   run = config.pkgs.callPackage (
-    { writeScript, waypipe, havoc, foot, hello-wayland, socat}:
+    { writeScript, waypipe, socat, weston, havoc }:
     writeScript "run-waypipe-app" ''
       #!/bin/sh
       mkdir /run/0
@@ -16,8 +16,14 @@ import ../make-vm.nix { inherit config; } {
       ${waypipe}/bin/waypipe --display wayland-local --socket /run/waypipe.sock server -- sleep inf &
       export WAYLAND_DISPLAY=wayland-local
       ${havoc}/bin/havoc
-      ${hello-wayland}/bin/hello-wayland
-      ${foot}/bin/foot
+    ''
+  ) { };
+
+    run-as-user = config.pkgs.pkgsStatic.callPackage (
+    { writeScript, socat, waypipe, havoc, firefox-wayland}:
+    writeScript "run-as-user" ''
+      #!/bin/sh
+      /bin/sh
     ''
   ) { };
 }
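Review bot: The new `run-as-user` takes `socat, waypipe, havoc, firefox-wayland` although its script only runs `/bin/sh`, and `weston`, added to the `run` argument list in the previous hunk, is not referenced in the visible script lines either. Reducing the first to `{ writeScript }:` and dropping `weston` avoids the impression that this VM depends on Firefox. `run` is built with `config.pkgs.callPackage` while `run-as-user` uses `config.pkgs.pkgsStatic.callPackage`; if the mix is intentional, a one-line comment explaining why would help. A user-level `/bin/sh` stub also deserves a comment such as `# placeholder: this VM has no unprivileged program yet`.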
diff --git a/vm/app/lynx.nix b/vm/app/lynx.nix
index 00d449e..0ecc3f0 100644
--- a/vm/app/lynx.nix
+++ b/vm/app/lynx.nix
@@ -5,11 +5,21 @@
 
 import ../make-vm.nix { inherit config; } {
   providers.net = [ "netvm" ];
+
   run = config.pkgs.pkgsStatic.callPackage (
+   { writeScript }:
+    writeScript "run-root-shell" ''
+      #!/bin/execlineb -P
+      /bin/sh
+    ''
+  ) { };
+
+  run-as-user = config.pkgs.pkgsStatic.callPackage (
     { writeScript, lynx }:
     writeScript "run-lynx" ''
       #!/bin/execlineb -P
       ${lynx}/bin/lynx https://spectrum-os.org
     ''
   ) { };
+
 }
-- 
2.36.2


