From: Alyssa Ross
To: Vadim Likholetov
CC: devel@spectrum-os.org
Date: Tue, 6 Dec 2022 15:18:18 +0000
Subject: Re: Firefox appVM patches and appVM refactoring
Message-ID: <20221206151818.vrobuukjb35qxpm2@x220>
References: <20221206114239.ifel7s6ctmhzymbc@x220>

> >> So now the .nix file for appvm has two sections, one that is executed as
> >> root and one as user.
> >> Here is the sample of these definitions:
> >>
> >> { config ? import ../../../nix/eval-config.nix {} }:
> >>
> >> import ../make-vm.nix { inherit config; } {
> >>   providers.net = [ "netvm" ];
> >>
> >>   run = config.pkgs.pkgsStatic.callPackage (
> >>     { writeScript }:
> >>     writeScript "run-root-shell" ''
> >>       #!/bin/execlineb -P
> >>       /bin/sh
> >>     ''
> >>   ) { };
> >>
> >>   run-as-user = config.pkgs.pkgsStatic.callPackage (
> >>     { writeScript, lynx }:
> >>     writeScript "run-lynx" ''
> >>       #!/bin/execlineb -P
> >>       ${lynx}/bin/lynx https://www.google.com/url?q=https://spectrum-os.org&source=gmail-imap&ust=1670931764000000&usg=AOvVaw3fPCahT573bNMQKMWAGTEW
> >>     ''
> >>   ) { };
> >>
> >> }
> >
> > I'm not too sure about this part — it seems like quite a lot of
> > complexity in the app VM implementation, when dropping privileges
> > (unless there's something I haven't considered?) should be as simple as
> > putting "s6-applyuidgid -u 1000 -g 1000" in the VM run script at the
> > point where privileges can be dropped.
>
> I think it’s more flexibility rather than complexity.
> Also because of the immature nature of the Spectrum OS it is good to have some extra tools for developers to debug the stuff and to have extra controls.
> I can think of refactoring this on the /img/vm level — I’m using su and not s6-tools, if you’re interested in this patchset in general.

Would you mind explaining what makes run-as-user more flexible?  As far
as I can tell, run-as-user doesn't make it possible to do anything that
wasn't possible before.

> >> Cloud-hypervisor has virtual hardware limitations -- it supports only one
> >> console device and only one serial device.
> >> SpectrumOS is using serial device for kernel logs of appVM and console
> >> device as a console.
> >> To have access both to root-executed part and to user-executed part of the
> >> VM payload, I installed a tmux on console.
> >> Now, when you're running vm-console command you get access to the tmux
> >> and have the ability to switch between root and user consoles,
> >> that can be useful during debugging VM payload.
> >>
> >> To run Firefox appVM use vm-start-way command: vm-start-way appvm-firefox :)
> >
> > Would it work with virtio-gpu?  I'm still not convinced on Waypipe —
> > where the previous discussion left off, we were talking about VMs over
> > the network.  That would be an interesting thing to look at (and it
> > would be really cool if we could make it work!), but doing it would take
> > a lot more than just network-transparent Wayland proxying, so if that's
> > the main thing we'd get out of Waypipe, I think it would only make sense
> > to add Waypipe support as part of that bigger work.  (And this point in
> > time, when how VMs work at all in Spectrum is a bit in flux, is probably
> > not the best time to start trying to massively expand their scope!)
>
> I think it’s the wrong question :-)
> Both implementations of wayland passthru (virtio-gpu and waypipe) are ugly right now but they both allow to move the development forward. But someday I believe they’ll become nice. I really believe! :-)
>
> The thing is definitely needed in the mainline is abstraction layer for wayland apps — to move all proxying and other system or hardware dependent details out of VM’s descriptions — we define that is a wayland appVM (like it’s defined it’s networking appVM) and the mechanisms of how the WAYLAND_DISPLAY gets to the is covered by this abstraction layer.

Agreed on that.
I want to get to the place soon where we can run arbitrary
applications on Spectrum, without having to create custom VM
definitions for each one.  To be able to do that, we'll need the
environment an application runs in to be set up as common
applications expect.  So WAYLAND_DISPLAY, etc. will need to be set up.
And then if you want to use Waypipe instead of virtio-gpu, you just
need to make a custom template that does that.
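
One way to check the result of the privilege drop discussed in the message above, whichever of `s6-applyuidgid` or `su` performs it (an added example, not part of the thread or of Spectrum): a POSIX shell function that reads a `/proc/<pid>/status` file and confirms that every uid and gid field is 1000. The names `check_dropped`, `sample_status` and `demo` and the sample status lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): confirm that a process has fully
# dropped to the expected uid/gid by reading a /proc/<pid>/status file.

# check_dropped STATUS_FILE UID GID
# Prints one line per problem; returns 0 only if none were found.
check_dropped() {
    awk -v uid="$2" -v gid="$3" '
        # Uid: and Gid: each list real, effective, saved and filesystem ids.
        # All four must match, or the process may be able to switch back.
        $1 == "Uid:" || $1 == "Gid:" {
            want = ($1 == "Uid:") ? uid : gid
            seen[$1] = 1
            for (i = 2; i <= 5; i++)
                if ($i != want) { print $1, "field", i - 1, "is", $i; bad = 1 }
        }
        # setuid()/setgid() do not touch the supplementary group list;
        # this sketch only flags a leftover root group (gid 0).
        $1 == "Groups:" {
            for (i = 2; i <= NF; i++)
                if ($i == 0 && gid != 0) { print "supplementary group 0 kept"; bad = 1 }
        }
        END {
            if (!seen["Uid:"] || !seen["Gid:"]) { print "Uid:/Gid: line missing"; bad = 1 }
            exit (bad ? 1 : 0)
        }
    ' "$1"
}

# Constructed sample data: the relevant lines of a status file.
# sample_status RUID EUID SUID FSUID GID GROUPS
sample_status() {
    printf 'Name:\tlynx\nUid:\t%s\t%s\t%s\t%s\n' "$1" "$2" "$3" "$4"
    printf 'Gid:\t%s\t%s\t%s\t%s\nGroups:\t%s\n' "$5" "$5" "$5" "$5" "$6"
}

demo() {
    dir=$(mktemp -d) || return 1
    sample_status 1000 1000 1000 1000 1000 "1000" > "$dir/dropped"
    sample_status 1000 1000 0 1000 1000 "0 1000" > "$dir/partial"  # saved uid still 0
    check_dropped "$dir/dropped" 1000 1000 && echo "dropped: ok"
    check_dropped "$dir/partial" 1000 1000 || echo "partial: NOT fully dropped"
    rm -rf "$dir"
}
demo
```

Inside a running VM the same function can be pointed at the payload's real status file, for example `check_dropped /proc/<pid>/status 1000 1000`.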