[PATCH 1/2] img/app: change virtio-fs tag to "host"
It doesn't seem likely to me that we'll have multiple virtio-fs devices from the host, so let's use something a bit more clear and precise. Signed-off-by: Alyssa Ross <hi@alyssa.is> --- Documentation/using-spectrum/creating-custom-vms.adoc | 2 +- img/app/Makefile | 4 ++-- img/app/image/etc/mdev/virtiofs | 2 +- img/app/scripts/start-virtiofsd.elb | 2 +- release/checks/wayland/default.nix | 4 ++-- tools/start-vmm/lib.rs | 2 +- tools/start-vmm/tests/vm_command-basic.rs | 2 +- 7 files changed, 9 insertions(+), 9 deletions(-) diff --git a/Documentation/using-spectrum/creating-custom-vms.adoc b/Documentation/using-spectrum/creating-custom-vms.adoc index a397ac50..8d915e1a 100644 --- a/Documentation/using-spectrum/creating-custom-vms.adoc +++ b/Documentation/using-spectrum/creating-custom-vms.adoc @@ -91,7 +91,7 @@ should configure `eth0` with the IPv4 address `100.64.165.70` (because === Filesystem Every VM has a virtio-fs device that exposes the /run/vm/by-id/_VM -ID_/fs directory on the host, with the tag "virtiofs0". The VM cannot +ID_/fs directory on the host, with the tag "host". The VM cannot write directly into that directory, but it's possible to create a subdirectory on the host and bind mount a directory from a writeable filesystem into it to provide the VM with access to shared storage. diff --git a/img/app/Makefile b/img/app/Makefile index 7354f892..69c85bba 100644 --- a/img/app/Makefile +++ b/img/app/Makefile @@ -99,7 +99,7 @@ run-qemu: $(imgdir)/appvm/blk/root.img start-vhost-user-net start-virtiofsd -netdev vhost-user,id=net0,chardev=vhost-user-net \ -device virtio-net,netdev=net0,mac=02:00:00:00:00:01 \ -chardev socket,id=virtiofsd,path=build/virtiofsd.sock \ - -device vhost-user-fs-pci,chardev=virtiofsd,tag=virtiofs0 \ + -device vhost-user-fs-pci,chardev=virtiofsd,tag=host \ -device virtio-gpu-rutabaga-pci,cross-domain=on,hostmem=8G \ -audio driver=pipewire,model=virtio \ -object memory-backend-memfd,id=mem,size=256M,share=on \ @@ -117,7 +117,7 @@ run-cloud-hypervisor: $(imgdir)/appvm/blk/root.img start-vhost-user-gpu start-vh --api-socket path=build/vmm.sock \ --memory size=1G,shared=on \ --disk path=$(imgdir)/appvm/blk/root.img,readonly=on \ - --fs tag=virtiofs0,socket=build/virtiofsd.sock \ + --fs tag=host,socket=build/virtiofsd.sock \ --gpu socket=build/vhost-user-gpu.sock \ --vsock cid=3,socket=build/vsock.sock \ --net mac=02:00:00:00:00:01,vhost_user=on,socket=build/vhost-user-net.sock \ diff --git a/img/app/image/etc/mdev/virtiofs b/img/app/image/etc/mdev/virtiofs index b6e505bc..bda77483 100755 --- a/img/app/image/etc/mdev/virtiofs +++ b/img/app/image/etc/mdev/virtiofs @@ -7,6 +7,6 @@ background { # virtiofs filesystems, so we only supported a single, hardcoded # filesystem tag for now. if { mkdir -p /run/virtiofs/virtiofs0 } - if { mount -t virtiofs -o nodev virtiofs0 /run/virtiofs/virtiofs0 } + if { mount -t virtiofs -o nodev host /run/virtiofs/virtiofs0 } /etc/mdev/listen virtiofs0 } diff --git a/img/app/scripts/start-virtiofsd.elb b/img/app/scripts/start-virtiofsd.elb index fa3a234e..9efb436b 100755 --- a/img/app/scripts/start-virtiofsd.elb +++ b/img/app/scripts/start-virtiofsd.elb @@ -11,5 +11,5 @@ background { if { importas -Si CONFIG mount --rbind -- ${CONFIG}/fs build/fs/config } unshare --map-user 1000 --map-group 1000 importas -SsD virtiofsd VIRTIOFSD - $VIRTIOFSD --fd 0 --shared-dir build/fs --tag virtiofs0 + $VIRTIOFSD --fd 0 --shared-dir build/fs --tag host } diff --git a/release/checks/wayland/default.nix b/release/checks/wayland/default.nix index a053e605..55c7d6d1 100644 --- a/release/checks/wayland/default.nix +++ b/release/checks/wayland/default.nix @@ -32,7 +32,7 @@ testers.nixosTest ({ lib, pkgs, ... }: { systemd.services.cloud-hypervisor = { after = [ "crosvm-gpu.service" "weston.service" ]; requires = [ "crosvm-gpu.service" "weston.service" ]; - serviceConfig.ExecStart = "${lib.getExe pkgs.cloud-hypervisor} --memory shared=on --disk path=${appvm}/lib/spectrum/img/appvm/blk/root.img,readonly=on --cmdline \"console=ttyS0 root=PARTLABEL=root\" --fs socket=/run/virtiofsd.sock,tag=virtiofs0 --gpu socket=/run/crosvm-gpu.sock --vsock cid=3,socket=/run/vsock.sock --serial tty --console null --kernel ${appvm}/lib/spectrum/img/appvm/vmlinux"; + serviceConfig.ExecStart = "${lib.getExe pkgs.cloud-hypervisor} --memory shared=on --disk path=${appvm}/lib/spectrum/img/appvm/blk/root.img,readonly=on --cmdline \"console=ttyS0 root=PARTLABEL=root\" --fs socket=/run/virtiofsd.sock,tag=host --gpu socket=/run/crosvm-gpu.sock --vsock cid=3,socket=/run/vsock.sock --serial tty --console null --kernel ${appvm}/lib/spectrum/img/appvm/vmlinux"; }; systemd.services.crosvm = { @@ -79,7 +79,7 @@ testers.nixosTest ({ lib, pkgs, ... }: { }; systemd.services.virtiofsd = { - serviceConfig.ExecStart = "${lib.getExe pkgs.virtiofsd} --fd 3 --shared-dir /shared --tag virtiofs0"; + serviceConfig.ExecStart = "${lib.getExe pkgs.virtiofsd} --fd 3 --shared-dir /shared --tag host"; serviceConfig.Restart = "on-success"; requires = [ "shared-config.mount" ]; after = [ "shared-config.mount" ]; diff --git a/tools/start-vmm/lib.rs b/tools/start-vmm/lib.rs index b44e0375..4b2aedda 100644 --- a/tools/start-vmm/lib.rs +++ b/tools/start-vmm/lib.rs @@ -81,7 +81,7 @@ pub fn vm_config(vm_dir: &Path) -> Result<VmConfig, String> { Err(e) => return Err(format!("reading directory {blk_dir:?}: {e}")), }, fs: [FsConfig { - tag: "virtiofs0", + tag: "host", socket: format!( "/run/service/vm-services/instance/{vm_name}/data/service/vhost-user-fs/env/virtiofsd.sock" ), diff --git a/tools/start-vmm/tests/vm_command-basic.rs b/tools/start-vmm/tests/vm_command-basic.rs index 866a6e19..533e2d2d 100644 --- a/tools/start-vmm/tests/vm_command-basic.rs +++ b/tools/start-vmm/tests/vm_command-basic.rs @@ -28,7 +28,7 @@ fn main() -> std::io::Result<()> { assert!(disk1.readonly); assert_eq!(config.fs.len(), 1); let fs1 = &config.fs[0]; - assert_eq!(fs1.tag, "virtiofs0"); + assert_eq!(fs1.tag, "host"); let expected = "/run/service/vm-services/instance/testvm/data/service/vhost-user-fs/env/virtiofsd.sock"; assert_eq!(fs1.socket, expected); base-commit: 814a589b2b0fb4eeed06e1a1a9ce536f6b5ee91d -- 2.51.0
It doesn't really make sense for this to be under /run, and "virtiofs0" is not a very descriptive name, especially now that it's no longer used on the host side. Signed-off-by: Alyssa Ross <hi@alyssa.is> --- Documentation/using-spectrum/vm-file-access.adoc | 8 ++++---- .../image/etc/vm-sysupdate.d/50-verity.transfer | 2 +- .../image/etc/vm-sysupdate.d/60-root.transfer | 2 +- .../image/etc/vm-sysupdate.d/70-kernel.transfer | 2 +- img/app/Makefile | 2 +- .../image/etc/flatpak/installations.d/extra.conf | 2 +- img/app/image/etc/mdev/virtiofs | 8 ++------ img/app/image/etc/s6-rc/app/run | 16 ++++++++-------- tools/default.nix | 2 +- vm/app/systemd-sysupdate/download-update | 6 +++--- 10 files changed, 23 insertions(+), 27 deletions(-) diff --git a/Documentation/using-spectrum/vm-file-access.adoc b/Documentation/using-spectrum/vm-file-access.adoc index 1b4fe9a5..a76272f1 100644 --- a/Documentation/using-spectrum/vm-file-access.adoc +++ b/Documentation/using-spectrum/vm-file-access.adoc @@ -37,10 +37,10 @@ the portal. When using an application that doesn't implement the File Chooser API, you can still give it access to files manually. Each VM has xref:creating-custom-vms.adoc#filesystem[access] to the -/run/vm/by-id/_VM ID_/fs directory on the host (mounted at -/run/virtiofs/virtiofs0 in the default Spectrum VM image). For the -VM, this directory is read-only, but writeable files and directories -can be bind-mounted into it: +/run/vm/by-id/_VM ID_/fs directory on the host (mounted at /host in +the default Spectrum VM image). For the VM, this directory is +read-only, but writeable files and directories can be bind-mounted +into it: [example] ==== diff --git a/host/rootfs/image/etc/vm-sysupdate.d/50-verity.transfer b/host/rootfs/image/etc/vm-sysupdate.d/50-verity.transfer index ab4997c8..8c764fbd 100644 --- a/host/rootfs/image/etc/vm-sysupdate.d/50-verity.transfer +++ b/host/rootfs/image/etc/vm-sysupdate.d/50-verity.transfer @@ -13,6 +13,6 @@ MatchPattern=Spectrum_@v_@u.verity [Target] Type=regular-file -Path=/run/virtiofs/virtiofs0/updates +Path=/host/updates MatchPattern=Spectrum_@v_@u.verity Mode=0644 diff --git a/host/rootfs/image/etc/vm-sysupdate.d/60-root.transfer b/host/rootfs/image/etc/vm-sysupdate.d/60-root.transfer index 8a317568..93af34ac 100644 --- a/host/rootfs/image/etc/vm-sysupdate.d/60-root.transfer +++ b/host/rootfs/image/etc/vm-sysupdate.d/60-root.transfer @@ -13,6 +13,6 @@ MatchPattern=Spectrum_@v_@u.root [Target] Type=regular-file -Path=/run/virtiofs/virtiofs0/updates +Path=/host/updates MatchPattern=Spectrum_@v_@u.root Mode=0644 diff --git a/host/rootfs/image/etc/vm-sysupdate.d/70-kernel.transfer b/host/rootfs/image/etc/vm-sysupdate.d/70-kernel.transfer index cb181239..90d26874 100644 --- a/host/rootfs/image/etc/vm-sysupdate.d/70-kernel.transfer +++ b/host/rootfs/image/etc/vm-sysupdate.d/70-kernel.transfer @@ -13,6 +13,6 @@ MatchPattern=Spectrum_@v.efi [Target] Type=regular-file -Path=/run/virtiofs/virtiofs0/updates +Path=/host/updates MatchPattern=Spectrum_@v.efi Mode=0644 diff --git a/img/app/Makefile b/img/app/Makefile index 69c85bba..7e3d05b2 100644 --- a/img/app/Makefile +++ b/img/app/Makefile @@ -30,7 +30,7 @@ $(imgdir)/appvm/blk/root.img: ../../scripts/make-gpt.sh ../../scripts/sfdisk-fie build/rootfs.erofs:root:5460386f-2203-4911-8694-91400125c604:root mv $@.tmp $@ -DIRS = dev home/user run mnt proc sys tmp \ +DIRS = dev home/user host run mnt proc sys tmp \ etc/s6-linux-init/run-image/pipewire \ etc/s6-linux-init/run-image/service \ etc/s6-linux-init/run-image/user \ diff --git a/img/app/image/etc/flatpak/installations.d/extra.conf b/img/app/image/etc/flatpak/installations.d/extra.conf index 448902b4..4b3bd5e6 100644 --- a/img/app/image/etc/flatpak/installations.d/extra.conf +++ b/img/app/image/etc/flatpak/installations.d/extra.conf @@ -2,4 +2,4 @@ # SPDX-FileCopyrightText: 2025 Alyssa Ross <hi@alyssa.is> [Installation "virtiofs"] -Path=/run/virtiofs/virtiofs0/config/flatpak +Path=/host/config/flatpak diff --git a/img/app/image/etc/mdev/virtiofs b/img/app/image/etc/mdev/virtiofs index bda77483..a0b9dd7d 100755 --- a/img/app/image/etc/mdev/virtiofs +++ b/img/app/image/etc/mdev/virtiofs @@ -3,10 +3,6 @@ # SPDX-FileCopyrightText: 2022-2023 Alyssa Ross <hi@alyssa.is> background { - # There's currently no kernel mechanism to let us enumerate available - # virtiofs filesystems, so we only supported a single, hardcoded - # filesystem tag for now. - if { mkdir -p /run/virtiofs/virtiofs0 } - if { mount -t virtiofs -o nodev host /run/virtiofs/virtiofs0 } - /etc/mdev/listen virtiofs0 + if { mount -t virtiofs -o nodev host /host } + /etc/mdev/listen virtiofs-host } diff --git a/img/app/image/etc/s6-rc/app/run b/img/app/image/etc/s6-rc/app/run index 997897de..f91877d4 100755 --- a/img/app/image/etc/s6-rc/app/run +++ b/img/app/image/etc/s6-rc/app/run @@ -7,27 +7,27 @@ export TMPDIR /run export HOME /home/user cd /home/user -if { /etc/mdev/wait virtiofs0 } +if { /etc/mdev/wait virtiofs-host } foreground { - redirfd -r 0 /run/virtiofs/virtiofs0/config/type + redirfd -r 0 /host/config/type withstdinas -E type case $type { appimage { if { modprobe loop } if { - backtick -E offset { /run/virtiofs/virtiofs0/config/run --appimage-offset } - mount -o offset=${offset},nodev /run/virtiofs/virtiofs0/config/run /mnt + backtick -E offset { /host/config/run --appimage-offset } + mount -o offset=${offset},nodev /host/config/run /mnt } s6-setuidgid user - export APPIMAGE /run/virtiofs/virtiofs0/config/run + export APPIMAGE /host/config/run export APPDIR /mnt export ARGV0 /mnt/AppRun export LD_LIBRARY_PATH /lib64 /mnt/AppRun } flatpak { - s6-envdir -fnL /run/virtiofs/virtiofs0/config/params + s6-envdir -fnL /host/config/params s6-setuidgid user multisubstitute { importas -iu id id @@ -42,12 +42,12 @@ foreground { nix { if { mount -t overlay - -o ro,nosuid,nodev,lowerdir=/nix/store:/run/virtiofs/virtiofs0/config/nix/store + -o ro,nosuid,nodev,lowerdir=/nix/store:/host/config/nix/store store /nix/store } s6-setuidgid user - /run/virtiofs/virtiofs0/config/run + /host/config/run } } fdmove -c 1 2 diff --git a/tools/default.nix b/tools/default.nix index da82f075..56f41cd9 100644 --- a/tools/default.nix +++ b/tools/default.nix @@ -101,7 +101,7 @@ stdenv.mkDerivation (finalAttrs: { (lib.mesonBool "app" appSupport) (lib.mesonBool "host" hostSupport) (lib.mesonBool "driver" driverSupport) - "-Dhostfsrootdir=/run/virtiofs/virtiofs0" + "-Dhostfsrootdir=/host" "-Dtests=false" "-Dunwind=false" "-Dwerror=true" diff --git a/vm/app/systemd-sysupdate/download-update b/vm/app/systemd-sysupdate/download-update index 40fde88d..b76c9deb 100755 --- a/vm/app/systemd-sysupdate/download-update +++ b/vm/app/systemd-sysupdate/download-update @@ -5,7 +5,7 @@ export LC_ALL C export LANGUAGE C unshare -mr -if { mount -toverlay -o nosuid,nodev,noexec,nosymfollow,lowerdir=/run/virtiofs/virtiofs0/etc:/etc -- overlay /etc } +if { mount -toverlay -o nosuid,nodev,noexec,nosymfollow,lowerdir=/host/etc:/etc -- overlay /etc } backtick tmpdir { mktemp -d /tmp/sysupdate-XXXXXX } # Not a useless use of cat: if there are NUL bytes in the URL # busybox's awk might misbehave. @@ -70,6 +70,6 @@ if { # they cause globbing in the curl command-line tool by default. Use --globoff # to disable this feature. if { $CURL_PATH -L --proto-redir =http,https --globoff - -o /run/virtiofs/virtiofs0/updates/SHA256SUMS -- ${update_url}/SHA256SUMS } + -o /host/updates/SHA256SUMS -- ${update_url}/SHA256SUMS } $CURL_PATH -L --proto-redir =http,https --globoff - -o /run/virtiofs/virtiofs0/updates/SHA256SUMS.sha256.asc -- ${update_url}/SHA256SUMS.sha256.asc + -o /host/updates/SHA256SUMS.sha256.asc -- ${update_url}/SHA256SUMS.sha256.asc -- 2.51.0
participants (1)
-
Alyssa Ross