When a VM is configured with Wayland support, the ext-rc-init service will create an additional service to supervise the crosvm GPU backend, and start-vm will pass the required arguments to cloud-hypervisor to tell it how to connect to crosvm. Signed-off-by: Alyssa Ross <alyssa.ross@unikie.com> --- We're using the Glibc version of crosvm here, rather than getting it from pkgsGui like we should be. That's blocked on making pkgsMusl.cargo work in Nixpkgs: https://github.com/NixOS/nixpkgs/pull/190796 Documentation/creating-vms.adoc | 5 +++++ host/rootfs/Makefile | 4 ++++ host/rootfs/default.nix | 4 ++-- host/rootfs/etc/s6-rc/ext-rc-init/up | 8 ++++++++ host/rootfs/etc/template/gpu/data/check | 5 +++++ host/rootfs/etc/template/gpu/notification-fd | 1 + host/rootfs/etc/template/gpu/notification-fd.license | 2 ++ host/rootfs/etc/template/gpu/run | 9 +++++++++ host/rootfs/etc/template/gpu/type | 1 + host/rootfs/etc/template/gpu/type.license | 2 ++ host/start-vm/start-vm.rs | 9 +++++++++ vm-lib/make-vm.nix | 9 ++++++++- 12 files changed, 56 insertions(+), 3 deletions(-) create mode 100755 host/rootfs/etc/template/gpu/data/check create mode 100644 host/rootfs/etc/template/gpu/notification-fd create mode 100644 host/rootfs/etc/template/gpu/notification-fd.license create mode 100755 host/rootfs/etc/template/gpu/run create mode 100644 host/rootfs/etc/template/gpu/type create mode 100644 host/rootfs/etc/template/gpu/type.license diff --git a/Documentation/creating-vms.adoc b/Documentation/creating-vms.adoc index 6d4fde0..a4d5acf 100644 --- a/Documentation/creating-vms.adoc +++ b/Documentation/creating-vms.adoc @@ -2,6 +2,7 @@ :page-parent: Reference // SPDX-FileCopyrightText: 2022 Alyssa Ross <hi@alyssa.is> +// SPDX-FileCopyrightText: 2022 Unikie // SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0 == Configuration 
@@ -23,6 +24,10 @@ providers/net:: A directory containing a file named for each VM that should provide networking to this VM. The contents of these files are ignored. +wayland:: An empty file, whose presence indicates that the host should +set up a virtio-gpu device supporting the cross-domain context type, +for the VM to send Wayland messages over. + === Example A configuration directory for a VM called "appvm-lynx" dedicated to diff --git a/host/rootfs/Makefile b/host/rootfs/Makefile index 31f76d2..f0f6a4b 100644 --- a/host/rootfs/Makefile +++ b/host/rootfs/Makefile @@ -28,6 +28,10 @@ FILES = \ etc/mdev/wait \ etc/parse-devname \ etc/passwd \ + etc/template/gpu/data/check \ + etc/template/gpu/notification-fd \ + etc/template/gpu/run \ + etc/template/gpu/type \ etc/s6-linux-init/run-image/service/getty-tty1/run \ etc/s6-linux-init/run-image/service/getty-tty2/run \ etc/s6-linux-init/run-image/service/getty-tty3/run \ diff --git a/host/rootfs/default.nix b/host/rootfs/default.nix index 4788628..ad6ea1f 100644 --- a/host/rootfs/default.nix +++ b/host/rootfs/default.nix @@ -44,8 +44,8 @@ let foot = pkgsGui.foot.override { allowPgo = false; }; packages = [ - cloud-hypervisor execline jq kmod mdevd s6 s6-linux-init s6-rc socat - start-vm + cloud-hypervisor pkgs.crosvm execline jq kmod mdevd s6 s6-linux-init s6-rc + socat start-vm (cryptsetup.override { programs = { diff --git a/host/rootfs/etc/s6-rc/ext-rc-init/up b/host/rootfs/etc/s6-rc/ext-rc-init/up index 1aec7fb..2ab3f03 100644 --- a/host/rootfs/etc/s6-rc/ext-rc-init/up +++ b/host/rootfs/etc/s6-rc/ext-rc-init/up @@ -1,5 +1,6 @@ # SPDX-License-Identifier: EUPL-1.2+ # SPDX-FileCopyrightText: 2021-2022 Alyssa Ross <hi@alyssa.is> +# SPDX-FileCopyrightText: 2022 Unikie if { mkdir -p /run/s6-rc.ext.src } 
@@ -15,6 +16,13 @@ if { if { redirfd -w 1 ${name}/notification-fd echo 3 } if { ln -s -- /bin/start-vm ${name}/run } + if { + if -t { test -e ${dir}/wayland } + if { cp -R /etc/template/gpu /run/s6-rc.ext.src/${name}-gpu } + if { mkdir /run/s6-rc.ext.src/${name}-gpu/env } + touch /run/s6-rc.ext.src/${name}/dependencies.d/${name}-gpu + } + elglob -0 paths /ext/svc/data/${name}/providers/net/* forx -pE path { $paths } backtick -E dep { basename -- $path } diff --git a/host/rootfs/etc/template/gpu/data/check b/host/rootfs/etc/template/gpu/data/check new file mode 100755 index 0000000..868346b --- /dev/null +++ b/host/rootfs/etc/template/gpu/data/check @@ -0,0 +1,5 @@ +#!/bin/execlineb -P +# SPDX-License-Identifier: EUPL-1.2+ +# SPDX-FileCopyrightText: Unikie + +test -S env/crosvm.sock diff --git a/host/rootfs/etc/template/gpu/notification-fd b/host/rootfs/etc/template/gpu/notification-fd new file mode 100644 index 0000000..00750ed --- /dev/null +++ b/host/rootfs/etc/template/gpu/notification-fd @@ -0,0 +1 @@ +3 diff --git a/host/rootfs/etc/template/gpu/notification-fd.license b/host/rootfs/etc/template/gpu/notification-fd.license new file mode 100644 index 0000000..2241beb --- /dev/null +++ b/host/rootfs/etc/template/gpu/notification-fd.license @@ -0,0 +1,2 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2022 Unikie diff --git a/host/rootfs/etc/template/gpu/run b/host/rootfs/etc/template/gpu/run new file mode 100755 index 0000000..d1913dd --- /dev/null +++ b/host/rootfs/etc/template/gpu/run @@ -0,0 +1,9 @@ +#!/bin/execlineb -P +# SPDX-License-Identifier: EUPL-1.2+ +# SPDX-FileCopyrightText: Unikie + +s6-notifyoncheck -d +crosvm --no-syslog device gpu + --socket env/crosvm.sock + --wayland-sock /run/user/0/wayland-1 + --params "{\"context-types\": \"cross-domain\"}" diff --git a/host/rootfs/etc/template/gpu/type b/host/rootfs/etc/template/gpu/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/host/rootfs/etc/template/gpu/type 
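Review bot: The derived service name `${name}-gpu` shares the `/run/s6-rc.ext.src` namespace with the VM services themselves, so a VM whose own name ends in `-gpu` can collide with another VM's GPU backend directory. If the target already exists, `cp -R` nests the template inside it instead of failing. Nothing visible in this hunk rejects such a name, so I would document the reservation above the block, e.g. `# VM names ending in "-gpu" are reserved for GPU backend services.`, or fail when the target already exists. The enclosing block starts and ends outside the hunk, so where `${dir}` and `${name}` come from cannot be checked from here.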
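Review bot: `test -S env/crosvm.sock` only proves that a socket file exists, not that the current crosvm instance is listening on it. A socket left behind by a previous run would make s6-notifyoncheck report readiness too early after a restart, assuming crosvm does not unlink the path on exit, which is worth confirming. The VM service depends on this one, so a false positive would presumably surface as a connection failure when cloud-hypervisor starts. Removing the stale path at the top of the run script would close the gap: `if { rm -f env/crosvm.sock }`.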
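Review bot: The GPU backend parses virtio-gpu traffic that the guest controls, yet the run script starts `crosvm device gpu` with whatever privileges the supervisor has, and nothing here drops privileges or confines it. The `/run/user/0` path suggests that is root. It also gives every Wayland-enabled VM a connection to the host compositor socket `/run/user/0/wayland-1`, so the compositor becomes part of each such VM's attack surface. I would at least record that above the command, e.g. `# Runs unconfined and talks to the host compositor on behalf of the guest; treat as guest-reachable attack surface.`, and consider a dedicated unprivileged user once the socket permissions allow it.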
@@ -0,0 +1 @@ +longrun diff --git a/host/rootfs/etc/template/gpu/type.license b/host/rootfs/etc/template/gpu/type.license new file mode 100644 index 0000000..2241beb --- /dev/null +++ b/host/rootfs/etc/template/gpu/type.license @@ -0,0 +1,2 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2022 Unikie diff --git a/host/start-vm/start-vm.rs b/host/start-vm/start-vm.rs index 41a4fbc..b954ebd 100644 --- a/host/start-vm/start-vm.rs +++ b/host/start-vm/start-vm.rs @@ -104,6 +104,15 @@ fn vm_command(dir: PathBuf) -> Result<Command, String> { Err(e) => return Err(format!("reading directory {:?}: {}", blk_dir, e)), } + if definition_path.join("wayland").exists() { + command.arg("--gpu").arg({ + let mut gpu = OsString::from("socket=../"); + gpu.push(vm_name); + gpu.push("-gpu/env/crosvm.sock"); + gpu + }); + } + if command.get_args().last() == Some(OsStr::new("--disk")) { return Err("no block devices specified".to_string()); } diff --git a/vm-lib/make-vm.nix b/vm-lib/make-vm.nix index 20cdba4..f595481 100644 --- a/vm-lib/make-vm.nix +++ b/vm-lib/make-vm.nix @@ -1,12 +1,13 @@ # SPDX-License-Identifier: MIT # SPDX-FileCopyrightText: 2022 Alyssa Ross <hi@alyssa.is> +# SPDX-FileCopyrightText: 2022 Unikie { config ? import ../nix/eval-config.nix {} }: config.pkgs.pkgsStatic.callPackage ( { lib, runCommand, writeReferencesToFile, e2fsprogs, tar2ext4 }: -{ name, run, providers ? {} }: +{ name, run, providers ? {}, wayland ? false }: let inherit (lib) @@ -20,6 +21,8 @@ assert !(any (hasInfix "\n") (concatLists (attrValues providers))); runCommand "spectrum-vm-${name}" { nativeBuildInputs = [ e2fsprogs tar2ext4 ]; + inherit wayland; + providerDirs = concatStrings (concatLists (mapAttrsToList (kind: map (vm: "${kind}/${vm}\n")) providers)); passAsFile = [ "providerDirs" ]; 
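Review bot: The `--gpu` argument is appended before the `command.get_args().last() == Some(OsStr::new("--disk"))` check that follows. For a Wayland-enabled VM with no block devices the last argument is now the socket string, so the "no block devices specified" error is never returned. Moving the new `if definition_path.join("wayland").exists() { … }` block below that check keeps the guard working. Separately, `vm_name` is spliced into a comma-separated option value and its origin is outside this hunk, so an explicit check or a comment such as `// vm_name must not contain ',': it is interpolated into a cloud-hypervisor option string` would help. vm_command's body starts and ends outside the hunk.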
@@ -41,6 +44,10 @@ runCommand "spectrum-vm-${name}" { xargs -rd '\n' touch -- < "$providerDirsPath" popd + if [ -n "$wayland" ]; then + touch "$out/data/${name}/wayland" + fi + ln -s /usr/img/appvm/blk/root.img "$out/data/${name}/blk" ln -s /usr/img/appvm/vmlinux "$out/data/${name}" '' -- 2.37.1
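Review bot: `[ -n "$wayland" ]` depends on Nix exporting the boolean as `"1"` or the empty string, which holds only while callers pass a real boolean. A caller passing the string `"false"` or the number `0` to the `wayland ? false` parameter added in the first hunk would silently enable the GPU device for that VM. Since this flag widens what the guest can reach on the host, I would pin the type next to the existing provider assertion with `assert builtins.isBool wayland;`. I would also add `# Nix exports true as "1" and false as "", so -n tests the flag.` above the `if`.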