[PATCH 1/2] host/rootfs: use initramfs in "make run"
This will allow us to stop compiling e.g. the virtio-blk module into the kernel, because it will be loaded by the initramfs. This introduces some duplication between the rootfs and initramfs's Makefiles. I don't think it's worth the effort at the moment to try to reduce that, because it would come at the expense of additional complexity in the Makefiles. We can revisit this later if we want to. Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/Makefile | 32 ++++++++++++++++++++++++++++---- host/rootfs/shell.nix | 10 ++++++++-- 2 files changed, 36 insertions(+), 6 deletions(-) diff --git a/host/rootfs/Makefile b/host/rootfs/Makefile index 41cf87c..31f76d2 100644 --- a/host/rootfs/Makefile +++ b/host/rootfs/Makefile @@ -6,6 +6,9 @@ # QEMU_KVM = qemu-system-x86_64 -enable-kvm. QEMU_KVM = qemu-kvm +SCRIPTS = ../../scripts +VERITYSETUP = veritysetup + # tar2ext4 will leave half a filesystem behind if it's interrupted # half way through. build/rootfs.ext4: build/rootfs.tar @@ -116,16 +119,37 @@ clean: rm -rf build .PHONY: clean -run: build/rootfs.ext4 $(EXT_FS) +# veritysetup format produces two files, but Make only (portably) +# supports one output per rule, so we combine the two outputs then +# define two more rules to separate them again. +build/rootfs.verity: build/rootfs.ext4 + $(VERITYSETUP) format build/rootfs.ext4 build/rootfs.verity.superblock.tmp \ + | awk -F ':[[:blank:]]*' '$$1 == "Root hash" {print $$2; exit}' \ + > build/rootfs.verity.roothash.tmp + cat build/rootfs.verity.roothash.tmp build/rootfs.verity.superblock.tmp \ + > $@ + rm build/rootfs.verity.roothash.tmp build/rootfs.verity.superblock.tmp +build/rootfs.verity.roothash: build/rootfs.verity + head -n 1 build/rootfs.verity > $@ +build/rootfs.verity.superblock: build/rootfs.verity + tail -n +2 build/rootfs.verity > $@ + +build/live.img: $(SCRIPTS)/format-uuid.sh $(SCRIPTS)/make-gpt.sh build/rootfs.verity.superblock build/rootfs.verity.roothash build/rootfs.ext4 + $(SCRIPTS)/make-gpt.sh $@.tmp \ + build/rootfs.verity.superblock:2c7357ed-ebd2-46d9-aec1-23d437ec2bf5:$$($(SCRIPTS)/format-uuid.sh "$$(dd if=build/rootfs.verity.roothash bs=32 skip=1 count=1 status=none)") \ + build/rootfs.ext4:4f68bce3-e8cd-4db1-96e7-fbcaf984b709:$$($(SCRIPTS)/format-uuid.sh "$$(head -c 32 build/rootfs.verity.roothash)") + mv $@.tmp $@ + +run: build/live.img $(EXT_FS) build/rootfs.verity.roothash $(QEMU_KVM) -cpu host -m 2G \ - -machine q35,kernel=$(KERNEL),kernel-irqchip=split \ + -machine q35,kernel=$(KERNEL),kernel-irqchip=split,initrd=$(INITRAMFS) \ -display gtk,gl=on \ -qmp unix:vmm.sock,server,nowait \ -monitor vc \ -parallel none \ - -drive file=build/rootfs.ext4,if=virtio,format=raw,readonly=on \ + -drive file=build/live.img,if=virtio,format=raw,readonly=on \ -drive file=$(EXT_FS),if=virtio,format=raw,readonly=on \ - -append "console=ttyS0 root=/dev/vda ext=/dev/vdb intel_iommu=on" \ + -append "console=ttyS0 roothash=$$(< build/rootfs.verity.roothash) ext=/dev/vdb intel_iommu=on" \ -device intel-iommu,intremap=on \ -device virtio-vga-gl \ -device vhost-vsock-pci,guest-cid=3 diff --git a/host/rootfs/shell.nix b/host/rootfs/shell.nix index 3b2310f..fe9df1b 100644 --- a/host/rootfs/shell.nix +++ b/host/rootfs/shell.nix @@ -1,18 +1,24 @@ # SPDX-License-Identifier: MIT # SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is> +# SPDX-FileCopyrightText: 2022 Unikie { pkgs ? import <nixpkgs> {} }: +let + rootfs = import ./. { inherit pkgs; }; +in + with pkgs; -(import ./. { inherit pkgs; }).overrideAttrs ( +rootfs.overrideAttrs ( { passthru ? {}, nativeBuildInputs ? [], ... }: { nativeBuildInputs = nativeBuildInputs ++ [ - jq netcat qemu_kvm reuse util-linux + cryptsetup jq netcat qemu_kvm reuse util-linux ]; EXT_FS = pkgsStatic.callPackage ../initramfs/extfs.nix { inherit pkgs; }; + INITRAMFS = import ../initramfs { inherit pkgs rootfs; }; KERNEL = "${passthru.kernel}/${stdenv.hostPlatform.linux-kernel.target}"; }) -- 2.37.1
These drivers should be loaded by the initramfs if required — most Spectrum installs won't need the virtio drivers on the host, and overriding the kernel means more stuff we can't reuse from cache.nixos.org. We'll probably want to build in the driver for whatever filesystem we end up using for the root file system eventually, since it will always be required, but that should be done as part of a more systematic effort to optimise our kernel configuration. Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/default.nix | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/host/rootfs/default.nix b/host/rootfs/default.nix index e5f316f..a651a20 100644 --- a/host/rootfs/default.nix +++ b/host/rootfs/default.nix @@ -65,14 +65,7 @@ let imports = [ (modulesPath + "/profiles/all-hardware.nix") ]; }); - kernel = pkgs.linux_latest.override { - structuredExtraConfig = with lib.kernel; { - VIRTIO = yes; - VIRTIO_PCI = yes; - VIRTIO_BLK = yes; - EXT4_FS = yes; - }; - }; + kernel = pkgs.linux_latest; packagesSysroot = runCommand "packages-sysroot" { nativeBuildInputs = [ xorg.lndir ]; -- 2.37.1
On Thu, Sep 1, 2022 at 1:47 PM Alyssa Ross <hi@alyssa.is> wrote:
These drivers should be loaded by the initramfs if required — most Spectrum installs won't need the virtio drivers on the host, and overriding the kernel means more stuff we can't reuse from cache.nixos.org.
We'll probably want to build in the driver for whatever filesystem we end up using for the root file system eventually, since it will always be required, but that should be done as part of a more systematic effort to optimise our kernel configuration.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
Tested-by: José Pekkarinen <jose.pekkarinen@unikie.com>
--- host/rootfs/default.nix | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-)
diff --git a/host/rootfs/default.nix b/host/rootfs/default.nix index e5f316f..a651a20 100644 --- a/host/rootfs/default.nix +++ b/host/rootfs/default.nix @@ -65,14 +65,7 @@ let imports = [ (modulesPath + "/profiles/all-hardware.nix") ]; });
- kernel = pkgs.linux_latest.override { - structuredExtraConfig = with lib.kernel; { - VIRTIO = yes; - VIRTIO_PCI = yes; - VIRTIO_BLK = yes; - EXT4_FS = yes; - }; - }; + kernel = pkgs.linux_latest;
packagesSysroot = runCommand "packages-sysroot" { nativeBuildInputs = [ xorg.lndir ]; -- 2.37.1
-- José.
This patch has been committed as 44d289986b1ef4d7a0c6655b97a487fb61b45534, which can be viewed online at https://spectrum-os.org/git/spectrum/commit/?id=44d289986b1ef4d7a0c6655b97a4.... This is an automated message. Send comments/questions/requests to: Alyssa Ross <hi@alyssa.is>
On Thu, Sep 1, 2022 at 1:47 PM Alyssa Ross <hi@alyssa.is> wrote:
This will allow us to stop compiling e.g. the virtio-blk module into the kernel, because it will be loaded by the initramfs.
This introduces some duplication between the rootfs and initramfs's Makefiles. I don't think it's worth the effort at the moment to try to reduce that, because it would come at the expense of additional complexity in the Makefiles. We can revisit this later if we want to.
Signed-off-by: Alyssa Ross <hi@alyssa.is> --- host/rootfs/Makefile | 32 ++++++++++++++++++++++++++++---- host/rootfs/shell.nix | 10 ++++++++-- 2 files changed, 36 insertions(+), 6 deletions(-)
diff --git a/host/rootfs/Makefile b/host/rootfs/Makefile index 41cf87c..31f76d2 100644 --- a/host/rootfs/Makefile +++ b/host/rootfs/Makefile @@ -6,6 +6,9 @@ # QEMU_KVM = qemu-system-x86_64 -enable-kvm. QEMU_KVM = qemu-kvm
+SCRIPTS = ../../scripts +VERITYSETUP = veritysetup + # tar2ext4 will leave half a filesystem behind if it's interrupted # half way through. build/rootfs.ext4: build/rootfs.tar @@ -116,16 +119,37 @@ clean: rm -rf build .PHONY: clean
-run: build/rootfs.ext4 $(EXT_FS) +# veritysetup format produces two files, but Make only (portably) +# supports one output per rule, so we combine the two outputs then +# define two more rules to separate them again. +build/rootfs.verity: build/rootfs.ext4 + $(VERITYSETUP) format build/rootfs.ext4 build/rootfs.verity.superblock.tmp \ + | awk -F ':[[:blank:]]*' '$$1 == "Root hash" {print $$2; exit}' \ + > build/rootfs.verity.roothash.tmp + cat build/rootfs.verity.roothash.tmp build/rootfs.verity.superblock.tmp \ + > $@ + rm build/rootfs.verity.roothash.tmp build/rootfs.verity.superblock.tmp +build/rootfs.verity.roothash: build/rootfs.verity + head -n 1 build/rootfs.verity > $@ +build/rootfs.verity.superblock: build/rootfs.verity + tail -n +2 build/rootfs.verity > $@ + +build/live.img: $(SCRIPTS)/format-uuid.sh $(SCRIPTS)/make-gpt.sh build/rootfs.verity.superblock build/rootfs.verity.roothash build/rootfs.ext4 + $(SCRIPTS)/make-gpt.sh $@.tmp \ + build/rootfs.verity.superblock:2c7357ed-ebd2-46d9-aec1-23d437ec2bf5:$$($(SCRIPTS)/format-uuid.sh "$$(dd if=build/rootfs.verity.roothash bs=32 skip=1 count=1 status=none)") \ + build/rootfs.ext4:4f68bce3-e8cd-4db1-96e7-fbcaf984b709:$$($(SCRIPTS)/format-uuid.sh "$$(head -c 32 build/rootfs.verity.roothash)") + mv $@.tmp $@ + +run: build/live.img $(EXT_FS) build/rootfs.verity.roothash $(QEMU_KVM) -cpu host -m 2G \ - -machine q35,kernel=$(KERNEL),kernel-irqchip=split \ + -machine q35,kernel=$(KERNEL),kernel-irqchip=split,initrd=$(INITRAMFS) \ -display gtk,gl=on \ -qmp unix:vmm.sock,server,nowait \ -monitor vc \ -parallel none \ - -drive file=build/rootfs.ext4,if=virtio,format=raw,readonly=on \ + -drive file=build/live.img,if=virtio,format=raw,readonly=on \ -drive file=$(EXT_FS),if=virtio,format=raw,readonly=on \ - -append "console=ttyS0 root=/dev/vda ext=/dev/vdb intel_iommu=on" \ + -append "console=ttyS0 roothash=$$(< build/rootfs.verity.roothash) ext=/dev/vdb intel_iommu=on" \ -device intel-iommu,intremap=on \ -device virtio-vga-gl \ -device vhost-vsock-pci,guest-cid=3 diff --git a/host/rootfs/shell.nix b/host/rootfs/shell.nix index 3b2310f..fe9df1b 100644 --- a/host/rootfs/shell.nix +++ b/host/rootfs/shell.nix @@ -1,18 +1,24 @@ # SPDX-License-Identifier: MIT # SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is> +# SPDX-FileCopyrightText: 2022 Unikie
{ pkgs ? import <nixpkgs> {} }:
+let + rootfs = import ./. { inherit pkgs; }; +in + with pkgs;
-(import ./. { inherit pkgs; }).overrideAttrs ( +rootfs.overrideAttrs ( { passthru ? {}, nativeBuildInputs ? [], ... }:
{ nativeBuildInputs = nativeBuildInputs ++ [ - jq netcat qemu_kvm reuse util-linux + cryptsetup jq netcat qemu_kvm reuse util-linux ];
EXT_FS = pkgsStatic.callPackage ../initramfs/extfs.nix { inherit pkgs; }; + INITRAMFS = import ../initramfs { inherit pkgs rootfs; }; KERNEL = "${passthru.kernel}/${stdenv.hostPlatform.linux-kernel.target}"; }) -- 2.37.1
Hi, This patchset introduces errors in the default qemu configuration of spectrum, where it is possible to see in the console log attempts to load broken aliases like: modprobe: FATAL: Module acpi:PNP0C0F: not found in directory /lib/modules/5.18.0 As well as valid modules load failures like: modprobe: ERROR: could not insert 'vfio_pci': Invalid argument The full boot log is attached for further perusal. Best regards. José.
José Pekkarinen <jose.pekkarinen@unikie.com> writes:
On Thu, Sep 1, 2022 at 1:47 PM Alyssa Ross <hi@alyssa.is> wrote:
This will allow us to stop compiling e.g. the virtio-blk module into the kernel, because it will be loaded by the initramfs.
This introduces some duplication between the rootfs and initramfs's Makefiles. I don't think it's worth the effort at the moment to try to reduce that, because it would come at the expense of additional complexity in the Makefiles. We can revisit this later if we want to.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
Hi,
This patchset introduces errors in the default qemu
configuration of spectrum, where it is possible to see in the console log attempts to load broken aliases like:
modprobe: FATAL: Module acpi:PNP0C0F: not found in directory /lib/modules/5.18.0
This is pretty much expected. The only job of the initramfs is to get the root filesystem mounted, so most kernel modules are not included in it to keep the size down. It just contains modules related to block devices, dm-verity, ext4, etc. If a we try to load a driver in initramfs, and it isn't available, that's fine, because when we get to the root filesystem, we run mdevd-coldplug again, and the module will be loaded at that point. The reason this didn't happen before when testing Spectrum in a VM is that since all the drivers we needed were built in to the kernel, the the block device nodes would be available before userspace even started, meaning that the initramfs simply wouldn't have any time to try and fail loading any other drivers before the rootfs was ready. On hardware, where the appropriate drivers wouldn't have been built in, I assume these messages would already have been normal without this change, although I didn't test.
As well as valid modules load failures like:
modprobe: ERROR: could not insert 'vfio_pci': Invalid argument
I wasn't able to reproduce this, with this series applied on top of commit c0b9dff8653b59f5d2a24bb539cba6c91d3f7506, Nixpkgs commit 4d05083dd894b73941e2e7d3b4f428b0ce1c7007, running Spectrum with `make run' in the host/rootfs directory. I started netvm and verified that the QEMU ethernet device was successfully passed through as well, so vfio-pci was definitely working. Does that differ to the versions you were using to test? If so, could you try with those versions and let me know if that works for you?
On Thu, Sep 8, 2022 at 1:52 PM Alyssa Ross <hi@alyssa.is> wrote:
José Pekkarinen <jose.pekkarinen@unikie.com> writes:
On Thu, Sep 1, 2022 at 1:47 PM Alyssa Ross <hi@alyssa.is> wrote:
This will allow us to stop compiling e.g. the virtio-blk module into the kernel, because it will be loaded by the initramfs.
This introduces some duplication between the rootfs and initramfs's Makefiles. I don't think it's worth the effort at the moment to try to reduce that, because it would come at the expense of additional complexity in the Makefiles. We can revisit this later if we want to.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
Hi,
This patchset introduces errors in the default qemu
configuration of spectrum, where it is possible to see in the console log attempts to load broken aliases like:
modprobe: FATAL: Module acpi:PNP0C0F: not found in directory /lib/modules/5.18.0
This is pretty much expected. The only job of the initramfs is to get the root filesystem mounted, so most kernel modules are not included in it to keep the size down. It just contains modules related to block devices, dm-verity, ext4, etc. If a we try to load a driver in initramfs, and it isn't available, that's fine, because when we get to the root filesystem, we run mdevd-coldplug again, and the module will be loaded at that point.
The reason this didn't happen before when testing Spectrum in a VM is that since all the drivers we needed were built in to the kernel, the the block device nodes would be available before userspace even started, meaning that the initramfs simply wouldn't have any time to try and fail loading any other drivers before the rootfs was ready. On hardware, where the appropriate drivers wouldn't have been built in, I assume these messages would already have been normal without this change, although I didn't test.
As well as valid modules load failures like:
modprobe: ERROR: could not insert 'vfio_pci': Invalid argument
I wasn't able to reproduce this, with this series applied on top of commit c0b9dff8653b59f5d2a24bb539cba6c91d3f7506, Nixpkgs commit 4d05083dd894b73941e2e7d3b4f428b0ce1c7007, running Spectrum with `make run' in the host/rootfs directory. I started netvm and verified that the QEMU ethernet device was successfully passed through as well, so vfio-pci was definitely working.
Does that differ to the versions you were using to test? If so, could you try with those versions and let me know if that works for you?
Yes, I was living in b01594b2c089ce2434dacddccf9a285af7334d24, right version on nixpkgs. Rebasing on upstream main solved the issue. Thanks! José.
José Pekkarinen <jose.pekkarinen@unikie.com> writes:
On Thu, Sep 8, 2022 at 1:52 PM Alyssa Ross <hi@alyssa.is> wrote:
José Pekkarinen <jose.pekkarinen@unikie.com> writes:
On Thu, Sep 1, 2022 at 1:47 PM Alyssa Ross <hi@alyssa.is> wrote:
This will allow us to stop compiling e.g. the virtio-blk module into the kernel, because it will be loaded by the initramfs.
This introduces some duplication between the rootfs and initramfs's Makefiles. I don't think it's worth the effort at the moment to try to reduce that, because it would come at the expense of additional complexity in the Makefiles. We can revisit this later if we want to.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
Hi,
This patchset introduces errors in the default qemu
configuration of spectrum, where it is possible to see in the console log attempts to load broken aliases like:
modprobe: FATAL: Module acpi:PNP0C0F: not found in directory /lib/modules/5.18.0
This is pretty much expected. The only job of the initramfs is to get the root filesystem mounted, so most kernel modules are not included in it to keep the size down. It just contains modules related to block devices, dm-verity, ext4, etc. If a we try to load a driver in initramfs, and it isn't available, that's fine, because when we get to the root filesystem, we run mdevd-coldplug again, and the module will be loaded at that point.
The reason this didn't happen before when testing Spectrum in a VM is that since all the drivers we needed were built in to the kernel, the the block device nodes would be available before userspace even started, meaning that the initramfs simply wouldn't have any time to try and fail loading any other drivers before the rootfs was ready. On hardware, where the appropriate drivers wouldn't have been built in, I assume these messages would already have been normal without this change, although I didn't test.
As well as valid modules load failures like:
modprobe: ERROR: could not insert 'vfio_pci': Invalid argument
I wasn't able to reproduce this, with this series applied on top of commit c0b9dff8653b59f5d2a24bb539cba6c91d3f7506, Nixpkgs commit 4d05083dd894b73941e2e7d3b4f428b0ce1c7007, running Spectrum with `make run' in the host/rootfs directory. I started netvm and verified that the QEMU ethernet device was successfully passed through as well, so vfio-pci was definitely working.
Does that differ to the versions you were using to test? If so, could you try with those versions and let me know if that works for you?
Yes, I was living in b01594b2c089ce2434dacddccf9a285af7334d24,
right version on nixpkgs. Rebasing on upstream main solved the issue.
Thanks!
Awesome! If it's now working for you, want to send me some Tested-by: lines for the patches you've tested, so they can be recorded in the commit log? (Just reply to the patches you've tested with "Tested-by: José Pekkarinen <jose.pekkarinen@unikie.com>" on a line on its own, and then it'll be automatically picked up when I apply the patches.)
On Thu, Sep 1, 2022 at 1:47 PM Alyssa Ross <hi@alyssa.is> wrote:
This will allow us to stop compiling e.g. the virtio-blk module into the kernel, because it will be loaded by the initramfs.
This introduces some duplication between the rootfs and initramfs's Makefiles. I don't think it's worth the effort at the moment to try to reduce that, because it would come at the expense of additional complexity in the Makefiles. We can revisit this later if we want to.
Signed-off-by: Alyssa Ross <hi@alyssa.is>
Tested-by: José Pekkarinen <jose.pekkarinen@unikie.com>
--- host/rootfs/Makefile | 32 ++++++++++++++++++++++++++++---- host/rootfs/shell.nix | 10 ++++++++-- 2 files changed, 36 insertions(+), 6 deletions(-)
diff --git a/host/rootfs/Makefile b/host/rootfs/Makefile index 41cf87c..31f76d2 100644 --- a/host/rootfs/Makefile +++ b/host/rootfs/Makefile @@ -6,6 +6,9 @@ # QEMU_KVM = qemu-system-x86_64 -enable-kvm. QEMU_KVM = qemu-kvm
+SCRIPTS = ../../scripts +VERITYSETUP = veritysetup + # tar2ext4 will leave half a filesystem behind if it's interrupted # half way through. build/rootfs.ext4: build/rootfs.tar @@ -116,16 +119,37 @@ clean: rm -rf build .PHONY: clean
-run: build/rootfs.ext4 $(EXT_FS) +# veritysetup format produces two files, but Make only (portably) +# supports one output per rule, so we combine the two outputs then +# define two more rules to separate them again. +build/rootfs.verity: build/rootfs.ext4 + $(VERITYSETUP) format build/rootfs.ext4 build/rootfs.verity.superblock.tmp \ + | awk -F ':[[:blank:]]*' '$$1 == "Root hash" {print $$2; exit}' \ + > build/rootfs.verity.roothash.tmp + cat build/rootfs.verity.roothash.tmp build/rootfs.verity.superblock.tmp \ + > $@ + rm build/rootfs.verity.roothash.tmp build/rootfs.verity.superblock.tmp +build/rootfs.verity.roothash: build/rootfs.verity + head -n 1 build/rootfs.verity > $@ +build/rootfs.verity.superblock: build/rootfs.verity + tail -n +2 build/rootfs.verity > $@ + +build/live.img: $(SCRIPTS)/format-uuid.sh $(SCRIPTS)/make-gpt.sh build/rootfs.verity.superblock build/rootfs.verity.roothash build/rootfs.ext4 + $(SCRIPTS)/make-gpt.sh $@.tmp \ + build/rootfs.verity.superblock:2c7357ed-ebd2-46d9-aec1-23d437ec2bf5:$$($(SCRIPTS)/format-uuid.sh "$$(dd if=build/rootfs.verity.roothash bs=32 skip=1 count=1 status=none)") \ + build/rootfs.ext4:4f68bce3-e8cd-4db1-96e7-fbcaf984b709:$$($(SCRIPTS)/format-uuid.sh "$$(head -c 32 build/rootfs.verity.roothash)") + mv $@.tmp $@ + +run: build/live.img $(EXT_FS) build/rootfs.verity.roothash $(QEMU_KVM) -cpu host -m 2G \ - -machine q35,kernel=$(KERNEL),kernel-irqchip=split \ + -machine q35,kernel=$(KERNEL),kernel-irqchip=split,initrd=$(INITRAMFS) \ -display gtk,gl=on \ -qmp unix:vmm.sock,server,nowait \ -monitor vc \ -parallel none \ - -drive file=build/rootfs.ext4,if=virtio,format=raw,readonly=on \ + -drive file=build/live.img,if=virtio,format=raw,readonly=on \ -drive file=$(EXT_FS),if=virtio,format=raw,readonly=on \ - -append "console=ttyS0 root=/dev/vda ext=/dev/vdb intel_iommu=on" \ + -append "console=ttyS0 roothash=$$(< build/rootfs.verity.roothash) ext=/dev/vdb intel_iommu=on" \ -device intel-iommu,intremap=on \ -device virtio-vga-gl \ -device vhost-vsock-pci,guest-cid=3 diff --git a/host/rootfs/shell.nix b/host/rootfs/shell.nix index 3b2310f..fe9df1b 100644 --- a/host/rootfs/shell.nix +++ b/host/rootfs/shell.nix @@ -1,18 +1,24 @@ # SPDX-License-Identifier: MIT # SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is> +# SPDX-FileCopyrightText: 2022 Unikie
{ pkgs ? import <nixpkgs> {} }:
+let + rootfs = import ./. { inherit pkgs; }; +in + with pkgs;
-(import ./. { inherit pkgs; }).overrideAttrs ( +rootfs.overrideAttrs ( { passthru ? {}, nativeBuildInputs ? [], ... }:
{ nativeBuildInputs = nativeBuildInputs ++ [ - jq netcat qemu_kvm reuse util-linux + cryptsetup jq netcat qemu_kvm reuse util-linux ];
EXT_FS = pkgsStatic.callPackage ../initramfs/extfs.nix { inherit pkgs; }; + INITRAMFS = import ../initramfs { inherit pkgs rootfs; }; KERNEL = "${passthru.kernel}/${stdenv.hostPlatform.linux-kernel.target}"; }) -- 2.37.1
-- José.
This patch has been committed as 6af16d04b71fd4a675e77dd707bc8e36513c8a85, which can be viewed online at https://spectrum-os.org/git/spectrum/commit/?id=6af16d04b71fd4a675e77dd707bc.... This is an automated message. Send comments/questions/requests to: Alyssa Ross <hi@alyssa.is>
participants (3)
-
Alyssa Ross -
Alyssa Ross -
José Pekkarinen