From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on atuin X-Spam-Level: X-Spam-Status: No, score=-1.3 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_LOW, SPF_HELO_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from [127.0.1.1] (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id 4CC775762; Mon, 9 Dec 2019 01:48:15 +0000 (UTC) Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) by atuin.qyliss.net (Postfix) with ESMTPS id 0E8DA57CA for ; Mon, 9 Dec 2019 01:48:10 +0000 (UTC) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.west.internal (Postfix) with ESMTP id 6C2242D5; Sun, 8 Dec 2019 20:48:07 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Sun, 08 Dec 2019 20:48:07 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h= from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; s=fm1; bh=P0RxhfJ/mQ3wDRGsazuNbjRCu9 OJvRQw4+M9lHdjglo=; b=g3VmaFuEHU6KTZiu5sL4RjfRSJlKklrWO86X/qHUwB zx8mwqfzCqK9CAUiwqOawCLuxBP8Wtx+FPhxUjze1fX9RKciFRqin3eLi7cJZCed t9FLehGTDP/PRM2WiJMxEM3S4rSwIMhBAzBbQFzO4hDQW/x6BgUkJrQfL5R04IsH wdiBzeuBj0AAbMWhsEgO+wuOej/fj4hRKCDOVYhe94G5qtelqnoBShZKqLSCBF5W jJcC9nQ42DBVV9cyHAW76VstWsJMurgQu53hSxml8BlyIiRdbnGUedAOFJnE8aGi Hsl8BjulZJwAD4e7d0IMhW6tu5QfvH1FkBugjbXjODDg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:from :message-id:mime-version:subject:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=P0RxhfJ/mQ3wDRGsa zuNbjRCu9OJvRQw4+M9lHdjglo=; b=qlDZZznLLfEmt6fA9BS9iAcS4xZOJOU3q XazZ/t71qNAMKphzPtUYzmOA/ZuONHp9tzFOkdeYHKayd85lwnxU2eipacBS7HLg t5DfsOZc5VOJxSzepdiGfXIIomwOF2mBo4acq/9tCNtwLo7WCtt+LzG6Gb7wsqDf /pWMGZiVFdEzUOi96gYBmBCG4Tgqnj9b1vRyeZnOAC0TND7wIiZ9kHv01GBSCBid 3IBUYXZApLhu4suDE8qGrEiXYsxwAAgBiaHkBIbnMEpsll/hB7mXTHWXNdyj+2pT 5eI/kVn0pIPvDWFlh0kcbDqtZQsoNMs4bPx4WUI61nb+Mx4cyt8Cw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedufedrudekledgfeeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkofgggfestdekredtre dttdenucfhrhhomheptehlhihsshgrucftohhsshcuoehhihesrghlhihsshgrrdhisheq necukfhppeejledrvdefhedruddvfedrudehfeenucfrrghrrghmpehmrghilhhfrhhomh epqhihlhhishhsseigvddvtddrqhihlhhishhsrdhnvghtnecuvehluhhsthgvrhfuihii vgeptd X-ME-Proxy: Received: from x220.qyliss.net (p4feb7b99.dip0.t-ipconnect.de [79.235.123.153]) by mail.messagingengine.com (Postfix) with ESMTPA id EE79930600E0; Sun, 8 Dec 2019 20:48:05 -0500 (EST) Received: by x220.qyliss.net (Postfix, from userid 1000) id 1EF691455C6; Mon, 9 Dec 2019 01:46:33 +0000 (UTC) From: Alyssa Ross To: devel@spectrum-os.org Subject: [PATCH] start-vm.nix: implement 3-stage init Date: Mon, 9 Dec 2019 01:45:24 +0000 Message-Id: <20191209014523.3938-1-hi@alyssa.is> X-Mailer: git-send-email 2.23.0 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-ID-Hash: U2KT5KDA5EY7UFFGD54NE5E3RWHUBOTV X-Message-ID-Hash: U2KT5KDA5EY7UFFGD54NE5E3RWHUBOTV X-MailFrom: qyliss@x220.qyliss.net X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header CC: Alyssa Ross , edef X-Mailman-Version: 3.2.2 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: This uses s6-svscan as stage 2. Right now all that means is reaping zombies -- there are no services for it to supervise. The application being run in the VM (sommelier hello-wayland in this case) is just run as a direct child of init. I felt it didn't belong as a service because it shouldn't be restarted when it terminates. I don't use s6-linux-init for a couple of reasons: - A lot of the reason to use s6-linux-init comes from wanting to do clever things to seamlessly redirect logs from the console to the file system at some point during stage1. For VMs, I think we're better just logging to the console so logs can be managed in one place on the host. - s6-linux-init is a pain with Nix, because s6-linux-init-maker needs to be run as root, and it generates stuff like pipes that can't be stored in the Nix store. coreutils is only used for cp-ing stage3 to the right place. When services are implemented, this can be removed and the VMs will have one less dependency. To shutdown, we use reboot instead of poweroff because that's what actually gets crosvm to quit. reboot(RB_POWER_OFF) seems to be interpreted by the kernel as halt for some reason I have failed to determine. It prints the halt message and everything. reboot(RB_HALT_SYSTEM) does exactly the same thing. Maybe it's just something to do with running in a VM. --- I've pushed this to crosvm-demo already, but I'm posting it here for feedback and suggestions, especially from anybody with experience with inits or s6. start-vm.nix | 54 +++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 43 insertions(+), 11 deletions(-) diff --git a/start-vm.nix b/start-vm.nix index b8d20007521..1345a5620c6 100644 --- a/start-vm.nix +++ b/start-vm.nix @@ -14,25 +14,57 @@ let DEVTMPFS_MOUNT =3D yes; }; }; =20 - init =3D writeShellScript "init" '' - set -xe - ${coreutils}/bin/mkdir /dev/pts /dev/shm - ${utillinux}/bin/mount -t tmpfs none /tmp - ${utillinux}/bin/mount -t devpts -o gid=3D4,mode=3D620 none /dev/pts - ${utillinux}/bin/mount -t tmpfs none /dev/shm - export XDG_RUNTIME_DIR=3D/tmp - ${sommelier}/bin/sommelier ${hello-wayland}/bin/hello-wayland + stage1 =3D writeScript "stage1" '' + #! ${execline}/bin/execlineb -P + importas -i PATH PATH + export PATH ${lib.makeBinPath + [ s6-linux-init s6-portable-utils s6-linux-utils s6 execline coreu= tils ]} + ${s6}/bin/s6-setsid -qb -- + umask 022 + if { s6-mount -t tmpfs -o mode=3D0755 tmpfs /run } + if { s6-mkdir -p /run/service/.s6-svscan } + if { cp ${stage3} /run/service/.s6-svscan/finish } + emptyenv -p + + background { + s6-setsid -- + if { s6-mkdir -p /run/user/0 /dev/pts /dev/shm } + if { s6-mount -t devpts -o gid=3D4,mode=3D620 none /dev/pts } + if { s6-mount -t tmpfs none /dev/shm } + if { s6-mount -t proc none /proc } + export XDG_RUNTIME_DIR /run/user/0 + foreground { ${sommelier}/bin/sommelier ${hello-wayland}/bin/hello= -wayland } + importas -i ? ? + if { echo STATUS: $? } + s6-svscanctl -6 /run/service + } + + unexport ! + cd /run/service + s6-svscan + ''; + + stage3 =3D writeScript "stage3" '' + #! ${execline}/bin/execlineb -S0 + foreground { s6-nuke -th } + s6-sleep -m -- 2000 + foreground { s6-nuke -k } + wait { } + s6-linux-init-hpr -fr ''; =20 rootfs =3D runCommand "rootfs" {} '' - mkdir dev bin tmp + mkdir bin dev proc run tmp ln -s ${dash}/bin/sh bin - (cat ${writeReferencesToFile init}; printf "%s\n" bin dev tmp) | xar= gs tar -cP --hard-dereference | ${squashfs-tools-ng}/bin/tar2sqfs $out + + (cat ${writeReferencesToFile stage1}; printf "%s\n" bin dev proc run= tmp) \ + | xargs tar -cP --owner root:0 --group root:0 --hard-dereferenc= e \ + | ${squashfs-tools-ng}/bin/tar2sqfs $out ''; =20 in =20 writeShellScript "crosvm" '' set -x - exec ${crosvm}/bin/crosvm run --wayland-sock=3D$XDG_RUNTIME_DIR/$WAYLA= ND_DISPLAY -p init=3D${init} --root=3D${rootfs} ${kernel}/bzImage + exec ${crosvm}/bin/crosvm run --wayland-sock=3D$XDG_RUNTIME_DIR/$WAYLA= ND_DISPLAY -p init=3D${stage1} --root=3D${rootfs} ${kernel}/bzImage '' --=20 2.23.0