From: Alyssa Ross <hi@alyssa.is>
To: discuss@spectrum-os.org, devel@spectrum-os.org
Subject: This Week in Spectrum, 2020-W21
Date: Sun, 24 May 2020 23:16:41 +0000
Message-ID: <87pnasudnq.fsf@alyssa.is>

A week of results!


Infrastructure
--------------

Fixed a misconfigured spam filter that allowed an obvious spam message
through to devel@.  Oops.


crosvm
------

Integrated the memfd server[1] on the interguest branch.  It's now all
sandboxed, and optionally enabled with a command line argument to crosvm
run.  Not all that much to say here, but it's what took me most of the
week!

Getting the sandbox working was a bit weird.  When I tried to get it to
log seccomp failures, it seemed to just disable the sandbox.  I had to
track them down with strace instead.  Annoying.  But the sandbox does
work in normal operation.

I still haven't limited how much memory can be requested this way.  I
think implementing that would be relatively straightforward for another
contributor, so I think I'll add it to the ideas list[2] and see if a
patch is forthcoming.  Otherwise I'll do it myself.

[1]: https://spectrum-os.org/git/crosvm/commit/?h=interguest
[2]: https://spectrum-os.org/todo.html


wlroots
-------

I took my standalone virtio_wl test program, and integrated it into
wlroots' allocate_shm_file function.  This has the result that, when
running under Sommelier, this patched wlroots will request shared memory
from the host, rather than allocating it itself.  Porting from the
standalone test program was nice, because it meant that this all just
worked, first try!  (Once I got it to compile under Nixpkgs' or wlroots'
strict compiler errors, at least.)  This will allow that memory to be
sent between VMs!

I haven't pushed the patch yet because I haven't integrated it into
Spectrum's Nixpkgs yet.  I plan to do that next week.  I'm starting to
think about moving the stuff specific to Spectrum VMs into an overlay,
but I need to think a bit about how to structure that. 


Nixpkgs
-------

There's no sign of the expected Chromium OS release so far, so I
backported[3] support for multiple virtio_wl sockets from a more recent
Chromium OS kernel to the one in Spectrum's Nixpkgs.  We need this to be
able to dedicate a named socket to the memfd server.

[3]: https://spectrum-os.org/git/nixpkgs/commit/?id=f24d310275909265de32cbc831d5832cbccc68ee


It's been another week where I've been very focused on one task.  I'm
quite excited about the direction this is all going.  It's looking like
we'll be able to do almost everything inside VMs, which means it might
be possible to have a host kernel that does almost nothing apart from
KVM and PCI passthrough??  This would mean we'd end up with a tiny Linux
a little bit (but not all that much) like a microkernel, with most
hardware interaction and all user programs running in VMs.  Cool stuff!
It's not clear to me yet the exact extent to which this is achievable,
but it's a nice vision to keep in mind.  It might also make it easier
for us to transition to a true microkernel at some point in the future.

I'm hoping that I'll hit an NLnet milestone related to this stuff fairly
soon.  Until I do, I'm now living on the money I've received in the past
six months through GitHub Sponsors.  Thank you so much to everyone who
is helping to make it possible for me to spend this time on the
fundamentals so we have a good foundation to build Spectrum on. <3
